As you know if you read Tuesday’s post on the Heartland breach (and saw my comments on some other blogs) I think we’re probably looking at over 100 million accounts either compromised or at risk. I admit that it’s pure speculation and my speculations have been wrong now and then. I’ve also been right now and then.
It’s starting to look like I’m not the only one thinking the numbers will be that high. Information Week’s Dark Reading went on record last night with some of the same numbers.
Robert Baldwin, Heartland’s president and CFO, is now admitting that the attack was “longer than weeks” and some security experts are feeling confident that Heartland could discover that ‘several months’ worth’ of transactions were captured.
Three of the four points made by my source are already fact. That source told me that it was a multi-bank breach and that it would be announced early this week. I was also told it would be a big breach. The only point left in question is that it was, in fact, a six-month long attack. Now we’re seeing language that might mean my source is four for four. Add to that the fact that we now know the numbers were captured in transit and I think it’s a good bet that all accounts were captured. They certainly qualify as being at risk.
Again, you do the math: 100 million transactions a month times six months equals a lot of accounts. I know it’s still speculation, but I’m sticking to it: 100-300 million accounts.
Comments? Click below.
Similar Posts:
- Heartland Data Breach rears its ugly head again
- Credit Card Data Breach at Heartland Payment Systems
- The Last of the Heartland Breach
- Oh the Irony!
- Heartland breach costs at $12.6M – and counting
