Despite what some people might have suggested, Heartland Payment Systems has flatly denied that it is in any way responsible for the newest reports of another payment processor breach. In response to a blog entry on The Consumerist, Nancy Gross, Heartland’s Executive Director of Marketing, replied: We, too, have heard of a new breach. But,…
Category: Hack
When banks get religion
Heartland Payment System reports 4th Quarter Gains
Of course, the fourth quarter ended before they announced that they had been breached. They had this to say about the breach in their press release today (via Marketwatch): Clearly our biggest challenge in 2009 will arise from the system breach we suffered. There are two main components to the challenge we face: addressing claims…
How many strikes before they’re out?
A tip of my cap to Jai Vijayan of Computerworld, who in the process of digging into the second recent University of Florida breach realized that the university had had a third breach in the past three months that hadn’t made the media. Three breaches in three months sounds pretty bad, but it sounds even…
More recent breaches we didn’t know about
Thanks to the New Hampshire Attorney General’s Office for posting breach notices online: Student Loan Xpress, Inc. reported (pdf) that the service provider for their student loans, American Education Services, inadvertently transmitted personal information on student loans to another lender that AES also has contracts with. The information may have included names, addresses, Social Security…
StayFriends members’ personal info exposed by SQL injection
The same individual, “unu,” who has been exposing other web sites vulnerable to SQL injection, has issued some screen shots showing how the German site, StayFriends, left its over 7 million users’ personal information vulnerable to exposure or access. According to the account of the hack, the exposure involved names, email addresses, passwords, some credit…