Sign in to wowOwow

Enter the email address that you used when registering at wowOwow.
The password field is case sensitive. Click here if you have forgotten your password.

Please register for wowOwow

Newsletter subscriptions
Sign up to receive wowOwow's weekly newsletter and get our best picks delivered right to your inbox. Our newsletter content is hand-picked by the wowOwow editorial team and provides the top features, news, and commentary from our site. Subscribing to our newsletter is free and safe. We will never share your email or other information with a third-party without your direct consent.
By registering, you indicate that you have read and agree
with our privacy policy and terms of service.
HomePolitics

A Friend Stopped By | 01/23/2009 2:45 pm

Watch Your Credit Card Statements: New Security Breach

By Jennifer Openshaw, President & co-founder, WeSeed

Jennifer Openshaw is co-founder and president of WeSeed, a new approach to demystifying the stock market for real everyday people. She’s also the author of The Millionaire Zone You can reach her at jopenshaw@weseed.com.

You’ve heard about all those security-card mess-ups that put credit-card information in the hands of some scam artist, right?

It almost seems it’s been quiet for a while — until now. Word is that New Jersey’s Heartland Payment Systems (HPY) — a processor of credit- and debit-card payments — was the victim of a massive security breach attributed to cyber-criminals. Apparently, thieves used "malicious" software to break into Heartland’s payment system.

The company processes more than 100 million transactions per month, but Heartland spokesman Jason Maloni told me that any estimation of dollars at stake here is “nothing more than speculation.” And no merchant data or cardholder Social Security numbers, unencrypted personal identification numbers (PIN), addresses or telephone numbers were involved in the breach, Maloni emphasizes.

Still, this is scary stuff. We saw this with The TJX Companies (TJX) — the company that owns big retail stores like T.J. Maxx and Marshalls — which lost 90 million customer records in 2007.

The lesson: A tech-savvy thief can get our information pretty easily. So how do we protect ourselves? Heartland moved quickly once it discovered the breach, but apparently it had been going on for a few weeks.

What I don’t understand is how Heartland’s website can claim the company has “The Highest Standards. The Most Trusted Transactions.”

Heartland says it’s implementing a new system to flag anomalies in real time, but I wonder why this wasn’t already part of the company’s security.

"Flagging anomalies isn’t something you see at many firms," Maloni says. "That’s something you tend to only see at the governmental levels. We will learn from this."

Still, I’m worried. And what should you do after reading about this?

  • First, review your credit-card statements online — now and always — to see if there are any unusual charges or activity.
  • Stick to one credit card. It’ll simplify your credit-card life and reduce your exposure to fraud — with one card, there are fewer chances to get your information in the hands of the wrong person.
  • Be ready. You might get notified by Heartland if your data was compromised.

Still, more needs to be done. If companies are going to make billions off our credit-card usage, then they need to have protections in place to prevent it from happening in the first place. Don’t you agree?

Read more about: Credit Cards, Identity Theft, News

71 Reader Comments (so far…) Sign In or Register to comment

John Franks
Price Waterhouse Cooper and Carnegie-Mellon’s CyLab have recent surveys that show the senior executive class to be lacking regarding IT risk and its tie to overall enterprise (business) risk. Data breaches and thefts are due to a lagging business culture – and people aren’t getting the training they need. For example: Microsoft patched for this worm 4 months ago. As CIO, I’m constantly seeking things that work, in hopes that good ideas make their way back to me - check your local library: A book that is required reading is “I.T. WARS: Managing the Business-Technology Weave in the New Millennium.” It also helps outside agencies understand your values and practices. The author, David Scott, has an interview that is a great exposure: http://businessforum.com/DScott_02.html - The book came to us as a tip from an intern who attended a course at University of Wisconsin, where the book is an MBA text. It has helped us to understand that, while various systems of security are important, no system can overcome laxity, ignorance, or deliberate intent to harm. Necessary is a sustained culture and awareness; an efficient prism through which every activity is viewed from a security perspective prior to action. In the realm of risk, unmanaged possibilities become probabilities – read the book BEFORE you suffer a bad outcome – or propagate one.
By John Franks on 01/24/2009 9:09 am
CAROLINE MuLVEY
For Christmas I bought our Grand son a beginners race track for hot wheel cars. I thought I was purchasing from KB Toys. Then I received a bill from Amazon. com for 4 race tracks 2 were the same ones that I had ordered (only 1) and the other 2 were for a few years older. They charged my debit card. I had to call the bank and make a fraud complaint. They had me come down and sign a regulations “D” and get a new debit card. This was the second time that my ID was stolen. I am disabled and my Husband works on Sat. He really does not like to deal with crowds but I think next year we will go directly to the stores. I did get my $135.00 back from the bank and they will get their money from Amazon.com. I will never purchase any item on line again. It is to scary and to costly.
By CAROLINE MuLVEY on 01/24/2009 9:09 am
C jay
Jennifer, you might bring up TJX’s history in regards to their past security breeches, too. If you recall, they were “hacked” last year too, because they were using wireless without having upgraded to the designated firewall, by a “passerby with a simple laptop” who downloaded all the TJX customers credit card numbers, SS#, checking account numbers, et al. Perhaps it’s is just time that we stopped shopping at TJX stores. It doesn’t take a rocket scientist to have an IT department that puts security at the top of the list. Moreover, Congress passed the bill to remove our SS# from our Medicare cards, etc. It’s high time they did more. It wasn’t too long ago that we were clearly told to never give our our SS# to anyone. Then, that was diluted. My financial institution began advising us in the 70s to never have our DL, phone number, or SS number imprinted on our checks because merchandisers should be running them through at the point of sale. They only put that information on them to sell, however, it’s dangerous, as well, hence, I also give the wrong phone number, if asked - that comes from a “stalking” experience. The phone number should be useless now with so many people trashing them on an almost hourly basis with cell phones, etc. - I think some of my friends and myself are the old pfarts who can still be found by our old phone numbers. I can always hang up.
By C jay on 01/24/2009 5:48 pm
shirley adams
There only one way to protect yourself from any frauds you have to buy an extra policy on your home owner or renter policy to protect yourself. i learned the hard way, banks do help some but months later, i know i had three yes #3 frauds done on my accounts, my accounts were locked up for almost 90-days. no fun!!
By shirley adams on 01/25/2009 5:12 am
caj p
I think every time a credit card is used anywhere people should be asked for another form of photo ID that corresponds to name and the signature and if the cashier or whomever is not convinced we should be asked to re-sign that name again. Any person who is legitimate would not query that being done if done in their best interests…also I think it is high time for our credit cards to be swiped in front of us and not taken away so we don’t know what is going on. It is a shame that these people who do this for a living can’t turn it around and do something for the good of people as they are obviously very clever and that is a talent wasted….of course easy money is always preferable to working hard I guess and that is the shame of it.
By caj p on 01/25/2009 1:50 pm
Ro H
All these stories only prove my method to be the most viable one. Pay as I go. When the US Congress was doing this, we had a surplus - Now, of course, there is no way in the world our country can work on a pay go basis… At any rate, I finally got so fed up with all the mixups, the little extras and sometimes my own mistakes, I simply cancelled and destroyed all my credit and debit cards. Now, I can get a “prepay” card if I want. Even then, there are no perfect systems to protect my money with a prepay card… Cash or M.O.’s are still the better way - unless the M.O.’s get stolen, or lost in the mail… So, what are we to do? Perhaps we ought to design some kind of barter system, instead of monetary one. This idea has floated in and out for a lot of years - I actually like it when I am able to barter with a neighbor, for example. As long as everyone is happy with it. This would also mean we would have to buy, or trade, locally. Curious how this idea continues to come back at me. I hate the whole Global economy thing, and so many of our jobs being inter-operable, or sold overseas! I do not like the so called “free trade agreements” either. The USA still gets it in the end! Someone wrote they were tired of bending over, when I wrote that before… I laughed and laughed! Especially when we use the telephone to purchase, or even order services like satellite TV, and we get to talk with people from the Phillipines, or Asia, or even Canada. What? Where are the USA company’s Reps? Of course, there are always those who don’t like differing ideas or thoughts on such as this - ah, well. So where do we go from here?
By Ro H on 01/25/2009 11:05 pm
gulliver fourmyle
on-line banking’? to even encourage such is wild—-bankers don’t do it, and if you know any savvy banker—-they say, ‘no-way’.—-absolutely look at your statements—-‘on-line’ gamer-thieves may show-up—-$5.95 and so on—-and any ‘on-line’ shopper should be using No credit card—-but have a separate, limited ‘debit card’—-and NEVER (PP, etc.) become ‘verified’, using main acct. #s—- here come ‘the flying monkeys’—-
By gulliver fourmyle on 01/26/2009 3:33 am
John G
This is one of those statements that is just a repeat of your mom’s, “Wash your hands!” or “Brush your teeth!”. It takes me all of three minutes in the morning (every morning! and sometimes evenings too) to assure that I have not had any “extra” charges on any of my credit cards or any outside withdrawals on my bank and brokerage accounts…
By John G on 01/26/2009 9:29 am
caj p
It would be so much easier if we could all just use cash for everything we buy as number one most people wouldn’t be in debt for a start off as if they couldn’t pay cash they couldn’t get it. Of course that is not reality, but having to use credit cards for most things now is a problem with these highly intelligent people who are hell bent on making easy money off the backs of others. It doesn’t seem to matter what new safety guards are put in place to secure your monies they find a way round it eventually…..so it would be nice if the old fashioned way became vogue again and we just use cash.
By caj p on 01/26/2009 9:30 am
C jay
I have never signed the back of a credit card; instead, write “Ask for photo ID.” Once, a national airport security guard stole my wallet from my purse, and the only item that was attempted to be used was my voter’s registration card, in another state! Thank goodness my state’s registrar contacted me after looking up my history and noticing that when I have moved, they always had an advance notice of my intended move, and caught it!
By C jay on 01/27/2009 4:01 am
« first‹ previous12345