On Jan. 20, a New Jersey-based company that handles credit card transactions for some 250,000 businesses across the United States announced that its data had been compromised. Heartland Payment Systems discovered in January that malicious software …
Banks forced to reissue cardsImagine 10 million credit card numbers falling into the hands of criminals. Every day. For weeks.Now, stop imagining — it likely happened last year.
On Jan. 20, a New Jersey-based company that handles credit card transactions for some 250,000 businesses across the United States announced that its data had been compromised. Heartland Payment Systems discovered in January that malicious software had been installed on its processing systems. The security breach meant hackers potentially gained access to tens of millions of card numbers. Folks who used a credit card at a store or restaurant that contracts with Heartland were vulnerable.
In a statement regarding the incident, Heartland said that no Social Security numbers, personal identification numbers (PINs), addresses or telephone numbers were involved in the breach. However, even armed with just a card number, it would be possible to create a working duplicate.
As a result, local banks have had to re-issue hundreds of check cards.
Credit card companies like Visa send out alerts to financial institutions when breaches occur, notifying them what account numbers are at risk and how at risk they are. From that information, the bank must determine what action is appropriate.
Big Horn Federal, with branches across the Big Horn Basin, re-issued 650 cards that were at a medium level of risk, said bank president John King. That impacted about one of every six cardholders, he said. The affected cards were immediately given a $300 three-day purchase limit to reduce potential loss, and on Friday, were deactivated entirely until replacements arrive.
Bank of Bridger, which has eight branches across Montana and Wyoming — including Bank of Powell — had to re-issue 80 cards, said operations officer Roxanne Tucker. The cards were shut down immediately, and the holders were called, Tucker said.
About two weeks ago, First National Bank re-issued more than 100 cards that Visa determined to be at high-risk of fraud, said Rich Stearns, First National's electronic banking manager.
Christie Drumm, a Wyoming Wells Fargo spokesperson, said she was not certain any cards had been reissued as a result of the Heartland breach, but said the bank was carefully monitoring customer accounts for fraudulent activity.
Customers are not on the hook for any fraudulent spending that results from the Heartland breach. Banks are the ones who must cover losses.
Tucker said no Bank of Bridger branches suffered losses, but she said she knew other banks had.
King said the Heartland incident has already proven costly in indirect ways.
“Fortunately, we've not been subject to loss, but it's the employee time to fight (fraud), and make sure you have the preventative measures in place,” he said.
Tucker said it took several Bank of Bridger employees multiple days to deal with the mess.
Thousands more bank cards were identified as being at low-risk. Tucker said VISA's low-risk list included some 18 percent of their cardholders. First National Vice President Dave Reetz said a “substantial” number of their customers were at low-risk. Bank of Powell and First National Bank will be sending letters to low-risk cardholders notifying them of the risk, but their cards will not be re-issued.
The issue of data breaches appears to be a growing problem.
Nearly 35.7 million records were reportedly compromised in 2008, according to the Identity Theft Resource Center — and those numbers do not include the Heartland breach. According to the center, there were 656 reported breaches last year — up 47 percent from 2007.
Bankers stress the need for customers to keep a closer eye on their accounts.
“We're all trying to preach to the customers you've got to pay more attention to that bank statement ... than you ever had in the past,” King said.
Drumm of Wells Fargo noted the challenges brought by new technology have also come with new ways for people to protect themselves, such as electronic banking.
“There's a lot of new tools for customers to really keep track of their accounts,” she said.