Reports on the Heartland breach continue to trickle in but we still don’t know the extent of the damage. We probably never will. One thing is clear; the damage is widespread and costly.
According to Bank Info Security the number of banks that are reporting replacement of debit cards due to the Heartland breach has reached 330.
The reported number of cards replaced is 272,793 but that’s not the whole picture. Out of the 330 reporting banks, only 121 have released the number of cards that they’ve had to replace. Assuming a similar spread in the number of cards replaced, that puts the number somewhere around 744,000. 743,981 to be precise.
Are there more banks involved?
Looking at the bigger picture, things get a bit fuzzier. Heartland reports that they process over 100 million transactions a month for 250,000 merchants. Although they haven’t released anything about how long the breach was on-going, they have said it was “longer than weeks” and they have not denied the reports that it was on-going for as long as six months. Personally, I think the number of cards will be in the millions at least, but we’ll never really know.
Three arrests. More to come?
On the bright side, the FBI arrested three men in Florida (why am I not surprised it was there) on charges of fraud that relate directly back to the Heartland breach. That’s an excellent start but I’m sure there are more than three people involved in all this and these guys were probably small fish. Nothing against the FBI intended here, but I’d be surprised if they ever get the folks that masterminded this thing. These aren’t your ordinary carders and quite a few International borders were crossed to get to Heartland. Even if the Feds figure out who did this, they’ll have a tough time bringing them down. It’ll be business as usual for the bad guys – but I hope I’m wrong!
Another breach?
Some of you may remember that I heard rumbles about the Heartland breach before they disclosed. I’d heard it was a processor, I’d heard that the breach had gone on for months (I still have the exact start date) and I heard it was huge. I’m hearing information that another one of these things may be about to go public and it won’t be small either. Stay tuned!
Similar Posts:
- Heartland Data Breach rears its ugly head again
- US Bank concealed a data breach?
- Genesco suffers breach – Not PCI compliant?
- Card Breach Victim Gets Twenty Years ‘Probation’
- Albert Gonzales may be in Jail but it ain’t over for a long time.
