Cybercriminals have gained access to millions of credit card
transaction details, a US electronic payments processing company
has revealed.
Forensic investigators have uncovered malicious software that
compromised data that crossed the network at
Heartland Payments Systems, the company said in a
statement.
The number of credit card details exposed by the intrusion has
not been disclosed, but Heartland handles around 100 million
transactions a month for 250,000 US organisations.
In light of these numbers, the Heartland data breach could far
exceed the
45 million identities stolen from nine US retailers including
TJX in 2007.
"We understand that this incident may be the result of a
widespread global cyber fraud operation," said Robert Baldwin,
president and CFO at Heartland.
The company is co-operating closely with the US Secret Service
and Department of Justice, he said.
No merchant data or cardholder social security numbers or
contact details were involved in the breach, the company said.
Heartland conducted the investigation after alerts last week
from Visa and MasterCard of suspicious activities connected with
credit card transactions.
The company said the security breach has been contained, but
advised cardholders to examine their statements closely and report
any suspicious activity to card issuers.