- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
Heartland Payment Systems is calling for the card-payments industry to better defend itself through information sharing and security.
In the three days since Heartland disclosed a breach of its card-processing network, chairman and CEO Robert Carr said he has been in discussions with others in the industry "who are also concerned about the increasing success and frequency of cybercrime attacks."
The lack of information-sharing in the industry, he said, contributes to "empowering cyber criminals to use the same or slightly modified techniques over and over again. I believe that had we known the details about previous intrusions, we might have found and prevented the problem we learned of last week."
Heartland, which issued a press statement containing Carr's remarks, wouldn't provide further details about these discussions.
According to a spokesman, Heartland would like to see the recent breach incident used to help the industry find ways to better protect data by having payments processors work more closely together, possibly with law enforcement, to share information about attacks.
Carr is said to be a strong advocate of "end-to-end encryption -- which protects data at rest as well as data in motion -- as an improved and safer standard of payments security." This technology does not "wholly exist on any payments platform today," the Heartland statement claims.
The recent Heartland data breach is now believed to be associated with a criminal group engaging in global fraud.
To date, it's not clear how many cards may have been stolen during the Heartland breach, and Carr said many press reports about the breach have been very "speculative."
The Heartland statement issued today also said the firm has added more than 400 merchants to its client base in the past few days, claiming this customer growth exceeded results for the same period from last year.
Heartland attributes this customer growth to the company's "transparency" and "fair dealings" and an "energized organization" that reached out to owners of more than 150,000 business locations in the past three days "to help them understand the breach and what it means to them."
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (7)
Encryption of Data is NOT ENOUGHBy Anonymous on January 23, 2009, 8:48 pmThe Heartland Payment Data Leak is an example proving that encryption of data is NOT ENOUGH! If Heartland had a data leak prevention system (a dlp product where...
Reply | Read entire comment
I wouldn't brag if i were HPS...By Anonymous on January 23, 2009, 10:44 pmBragging about their volume is what made HPS irresistible to hackers. And, they're acting like they have a plan to take advantage of all this 'publicity'. IMHO,...
Reply | Read entire comment
Data Theft, Breach, Infections - a Solution?By johnfranks999 on January 24, 2009, 9:51 amPrice Waterhouse Cooper and Carnegie-Mellon’s CyLab have recent surveys that show the senior executive class to be, basically, clueless regarding IT risk and its...
Reply | Read entire comment
Re-think the whole thing!By Anonymous on January 25, 2009, 5:53 amThe problem comes from the system itself. The payment process is a real-time process operation and adding several layers of crypto will condierably slow it down;...
Reply | Read entire comment
INVESTIGATIONBy Anonymous on January 26, 2009, 11:36 pmChimicles & Tikellis is investigating a potential class action lawsuit against Heartland Payment Systems (“HPS”). HPS, a publicly traded company, processes credit...
Reply | Read entire comment
All participants must protect customer and account informationBy Taher Elgamal on January 28, 2009, 12:55 pmQuite simply, all participants must protect customer and account information. The payment industry has developed several standards to help in this area, but adoption...
Reply | Read entire comment
View all comments