The Field Report with Tom Field

Heartland: Why it Matters

Heartland: Why it Matters

You can't get away from this story.

Since we first broke the news about the Heartland Payment Systems (HPY) data breach back on Jan. 21, this story has just dominated conversation in and about our industry.

On our site, the latest news updates and interviews have proven enormously popular.

And off our site, in the popular media, our coverage has drawn attention from the likes of KPCC, Southern California Public Radio, and most recently the Baltimore Sun.

The Heartland case has become so big, actually, that we built a special page to host all our coverage. News, articles, interviews, alerts - if you want the latest news and archives on Heartland, go here.

Now, at first I attributed this story's resonance to timing. The news broke on Inauguration Day, when the only other big news story in town was ... well, the inauguration.

But then, as the popular media and pundits got hold of it, the appeal seemed to be FUD - Fear, Uncertainty and Doubt. No one knew exactly how many institutions, cards or consumers might be impacted by this breach, and just knowing that Heartland processes 100 million transactions per month ... yeah, if you let your mind wander, it's scary stuff.

Now, though, I feel like I'm getting a true handle on the significance and impact of this story. And it comes from seeing the number and names of institutions affected by the breach. Have you been paying attention to the growing list? All week, we've been reporting the latest institutions to go public with their involvement, and every day that list has grown. We've gone from 12 to 20 to nearly 30, and who knows what today's news will bring?

What really hammered home the Heartland impact, though, is a note I received yesterday from an executive at a Colorado federal credit union:

"We are a small institution and have in the past two weeks been notified of approximately 400-600 cards of ours that were in the files. Our questions are: Where did this all happen, what merchant? And who's going to pick up our expense of reissuing the cards to our members?"

That really says it all, doesn't it? How did this happen, and who's going to pay to make good?

We've already seen the first customer-centric class action suit in this case, and I bet banking institutions aren't far behind. Why should they bear the burden and expense for a breach that didn't happen on their watch or to their own systems? It's TJX and Hannaford all over again - the banks pay for other businesses' mistakes. At what point does the banking industry rise up like Peter Finch in the movie "Network" to say "I'm as mad as hell, and I'm not going to take this anymore ...?"

And those are only a few of many unanswered questions about this case. As we're sitting here thinking about this now, investigators are out there trying to figure out exactly how big the Heartland breach is - and how much fraud truly has been committed.

As big as this story has been the past two weeks? My gut tells me it's only going to get bigger.

Stay tuned.



About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.