Heartland Payment Systems suffered one of the largest breaches in history in 2008, when over 100 million credit and debit cards issued by hundreds of financial service companies were stolen from their payroll payment processor. That breach reportedly cost the company over $100 million in costs, fines and penalties.
Heartland has notified approximately 2,200 individuals that their personal information was stolen when an intruder broke into the physical office of one of Heartland’s offices located in Santa Ana, CA and took off with 11 computers, 4 of which contained personally identifiable information, which may include Social Security numbers and bank account information. Reports indicate that although the computers were password protected, unfortunately, they were not encrypted. A basic security concept is to mitigate losses, learn from previous incidents, and implement processes so incidents won’t happen again. In reviewing risks, take into consideration physical, technical and administrative safeguards of both paper and electronic records. A physical burglary can happen, and it is no different than losing a laptop or being the victim of a cyber-hacking incident.