DataBreaches.Net

Data Theft Hits Mainers

Posted on by Dissent

Fraudulent charges from Heartland breach were appearing between May 16 and August 19th.

Tux Turkel reports:

Hundreds of Maine credit and debit card holders appear to have been victims of a nationwide data theft carried out against Heartland Payment Systems, which processes cards for 250,000 restaurants, retailers and other businesses.

Several Maine credit unions have been told by Visa and MasterCard that fraudulent charges were placed on members’ cards between May 16 and August 19, 2008, according to Jon Paradise, a spokesman for the Maine Credit Union League. Many of the charges were tallied at Wal-Mart stores in Texas, he said.

[…]

At PeoplesChoice Credit Union in Saco, the Heartland news settles a three-month mystery.

“We’ve been experiencing losses since October,” said Luke Labbe, president and chief executive officer. “We couldn’t figure out where they were coming from.”

The credit union noticed a pattern, in which small charges were being rung up at gas stations in the South, followed by a $500 or so charge at a nearby Wal-Mart. Labbe has since learned that 500 or so Visa credit and debit cards issued by the credit union may have been compromised by the Heartland data breach, and that 50 or 60 customers actually have fraudulent charges on their cards.

[…]

TD Banknorth said it had determined that some debit and credit card customers are affected, and is working with Visa and other agencies in the preliminary stages of an investigation. It declined to provide further details, except to say its fraud detection technology hadn’t detected any activity related to Heartland.

“At this time, we don’t have plans to do a mass-reissue of cards for impacted customers, because of the fraud detection tools we have in place,” the bank said in a written statement.

Bangor Savings Bank, which has 70,000 Visa cardholders, said its internal fraud-detection software had so far not detected any problems. For now, the bank isn’t planning to reissue new cards for all customers, relying instead on its monitoring technology to pick up fraudulent activity.

Read more in the Portland Press Herald