Large scale credit card attack exposed

As many of you may have heard by now, Heartland Payment Systems has released news that it ha been the target of an attack in 2008. What does this really mean to a regular person? A payment processor is a company that works as a middle-man between credit card transactions and financial institutions. When you swipe your card at a restaurant it likely goes through a third party validation process before Visa or the debit card companies collect the money from your account for the transaction. It is basically the person who says "Hi there, this person wants to give money for this item/service, let's make a deal!" what that also means is that a large volume of credit card information gets sent to Heartland's servers for processing.

Software targeted specifically to lift magnetic stripe data made its way into their transaction servers and began to send this data to a third party. Because proper reporting mechanisms weren't in place, the company had no idea this information was being beamed to another location. As such, it is estimated that 100 million transactions have been lifted. This is quite a bit more than the estimated 94 million accounts compromised by TJX.

Should you be worried? Luckily track data on credit cards doesn't give out much information. Really the only thing that is on your magnetic stripe is the account number and some other bits of information processors need to create a transaction. Essentially they can duplicate your credit card. What they don't have is your PIN, the verification code on the back of the card, or any personal information more than your name and possibly address.

Your course of action? Watch your purchase statements closely on any of your credit/debit cards. If you see transactions you didn't authorize call your bank/credit card company and have them freeze your account immediately. If a transaction from your card number was logged, Heartland is likely notifying your issuer and you may see a new card created in the near future.

Often times these card numbers are sold, and it could be months before someone even attempts to pull money from the account. A new card issued to you, will remedy the situation.