Move over TJ Maxx, payment processor Heartland Payment Systems has potentially leaked up to 100 million credit and debit accounts into the black market. That number, if verified, would make this the largest data breach on record. It also means the United States has managed to set two national records in the same day. Guess which one folks are paying attention to? Awful convenient, that. Heartland's problems began late last year when the company began to receive reports of fraudulent activity. There is no hard evidence that the company's data leak was responsible for the sudden surge of mysterious microtransaction fees we reported in early December, but the timing is extremely coincidental.
The December attacks were never successfully attributed to any single company or credit card, but instead affected a seemingly unrelated group of people with different banks, credit cards, and online shopping habits.
Heartland may—and I do stress may—have been the hidden link between them. The company's website suggests that it serves a wide range of small business customers, a perception that's reinforced by comments company president and CFO Robert Baldwin made to The Washington Post. "No merchant of ours represents even [one-tenth of one percent] of our volume, and to put out any name associated with what is obviously an unfortunate incident is not fair," Baldwin said. "Their customers might end up having their cards used fraudulently, but that fraud might turn out to have come from their store, or it might be from another Heartland store and no one will ever really know."
