Heartland Payment Systems

NYT Goes Deep On Albert Gonzalez Story

You might think everything that needed to be said already has been said about Albert Gonzalez, the mastermind behind the largest public computer security breaches in U.S. history. But the lengthy and up close account of Gonzalez in the New York Times today shows that there are more layers to what is, perhaps, the most spectacular hacking case in recent memory.

Heartland Settles with MasterCard

Heartland Payment Systems has made a third
settlement deal, this time with MasterCard, related to a massive data
breach two years ago at the card payments processor. As part of
the deal, Heartland has agreed to pay as much as $41.1 million to
MasterCard issuers that lost money. Read the full article. [IDG News Service]

Heartland Payment Systems on Jan. 8 announced that it has agreed to pay up to $60 million to Visa to cover losses to credit and debit cardholders affected by the massive data breach Heartland suffered in 2008. Read the full article. [eWEEK]

Notorious hacker Albert Gonzalez pleaded guilty Dec. 29 to conspiracy to hack into the computer networks of Heartland Payment Systems, 7-11 and Hannaford Brothers and faces sentencing between 17 and 25 years on top of his previous guilty plea for the TJX breach and others. Read the full article. [eWEEK]

A Cyber Forensics panel at the U.S Spy Museum discussed data breaches and the effects one bad hacking event can have; The panel discussion included the CEO of Heartland Payment Systems, whose company was the victim of a very large, very publicized data breach in 2008. Read the full article. [Dark Reading]

Visa has announced new global best practices for data field encryption, also known as end-to-end encryption – a much-discussed solution in the wake of the Heartland Payment Systems breach.
Announced by the global credit card company on Monday, these best practices are designed to further the payment industry’s efforts to develop a common, open standard while providing guidance to encryption vendors and early adopters. Data field encryption protects card information from the swipe to the acquirer processor with no need for the merchant to process or transmit card data in the “clear.”  Read the full story [govinfosecurity.com]

The news that federal authorities have indicted the man they claim is responsible for the TJX attack for also allegedly hacking into the networks of Heartland Payment Systems, 7-Eleven and the Hannaford Brothers grocery chain shows that law enforcement is indeed stepping up its work on cybercrime. But it also provides what is probably the clearest evidence to date that the people executing these attacks are highly competent, organized and motivated.

A Miami man and two Russians have been indicted [usdoj.gov] by a grand jury in New Jersey on charges of conspiring to commit some of the largest data breaches in U.S. history.

Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal more than 130 million credit and debit card numbers along with personally identifying information from five companies, including Heartland Payment Systems Inc., 7-Eleven Inc. and Hannaford Brothers Co. The two other companies were not named in the indictment because their breaches have not yet been made public.  Read the full story [computerworld.com]  Here’s a PDF link to the indictment [washingtonpost.com]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.