Tuesday, January 20, 2009

Largest Card Data Breach Ever?

"A data breach last year at Princeton, N.J., payment processor Heartland Payment Systems may have led to the theft of more than 100 million credit and debit card accounts, the company said today. If accurate, such figures may make the Heartland incident one of the largest data breaches ever reported."

"A piece of malicious software planted on the company's payment processing network that recorded payment card data as it was being sent for processing to Heartland by thousands of the company's retail clients."

"Heartland does not know how long the malicious software was in place, how it got there or how many accounts may have been compromised. "(some details)

So, TJX, rest-in-peace! Your record has been broken!

UPDATE: fun comments from Rich (here), Michael (here) - more as I see them.

Dr Anton Chuvakin