Heartland Breach Hits Home

Brent Finnegan -- January 22nd, 2009

It’s quite possibly the largest data breach in history: credit and debit card payment processor Heartland Payment Systems may have compromised tens of millions of transactions due to malicious software in the company’s processing network.

The effect has been far-reaching, including bank customers in the Valley. John Marr and Tina and Sheena (who wanted their last names withheld) all live in or near Harrisonburg. Their credit was stolen during the breach.

John said, “I received a phone call on Saturday morning at about 10 a.m. from SunTrust. The woman on the other end of the line asked if I was in Florida. When I answered no, she explained that my card had just been used at a WalMart in Florida.”

Last weekend, people across America were getting the same sorts of calls from their banks.

Everyone I’ve heard from said their bank is helping them recover, but for some, it might not be soon enough. Tina said the breach has affected her “in a lot of ways: Not being able to pay my bills that are due now, or will be due.” John said he uses a credit card for just about everything, and hasn’t/won’t be able to buy anything until the new card arrives in the mail.

John said he had to cancel his credit card, and change account numbers. “I’ve contacted each bank and credit card company I have an account with to warn them to be on the lookout for fraud. I’ve also notified all three credit bureaus to be on the lookout for fraudulent activities.”

Sheena hopes to be reimbursed for her losses in seven to ten days. Tina said her bank, BB&T, helped her claim fraud. “They are also working with me as closely as possible to restore my account. I wish there were other ways we could avoid this, but that’s just far-fetched. More protection for debit cards would be great. More security.”

8 Responses to “Heartland Breach Hits Home”

  1. Brooke says:

    Do we know what banks or merchants were affected by this other than BB&T?

  2. John Marr says:


    Thank you for writing this. I now know of about 15 people that have been affected, and the number is growing everyday. I think it’s important to give everyone a “heads-up” about the situation.


    It’s not just BB&T. I have SunTrust, other people I have spoken with use Bank of America and Wachovia.
    The breach has nothing to do with your specific bank, it is all about where you’ve shopped. The breach affects anyone who swiped their card at a business that dealt with Heartland. Heartland won’t release the names of the businesses they deal with, but they process transactions for over 250,000 businesses nationwide. From what I understand most businesses don’t even know if their credit cards are processed through Heartland.

    In short there is no way of knowing if you are at risk. They extimate that about 100,000,000 accounts may have been compromised. Just keep a close watch on your accounts in the future.

  3. Emmy says:

    Wonder if this is what happened to me.

  4. Renee says:

    Yes, thanks for the “heads-up”.

  5. Brooke says:

    Yikes. Yeah, as soon as I read the linked article, I went and looked at my account just to be sure there was nothing hinky on there. I’m kind of glad that I recently replaced my debit card when I (temporarily) misplaced my keys and wallet, so hopefully if my information was part of what was stolen, it was the old card, and not the new one.

  6. Thanh says:

    For added clarification. This affects both bank debit AND CREDIT cards. From the article referenced above:

    “Robert Baldwin, Heartland’s president and chief financial officer, said the company, which processes payments for more than 250,000 businesses, began receiving fraudulent activity reports late last year from MasterCard and Visa on cards that had all been used at merchants which rely on Heartland to process payments.”

    John Marr’s reference to Suntrust above, regards our Suntrust credit card account, which we regularly use. (He’s my husband.)

    What really gets me thinking is that the company had chosen to make this information public on Inauguration Day when everyone’s attention is focused elsewhere. From another article from ComputerWorld :

    “According to the spokesman, Heartland … didn’t uncover the system intrusion until last week, despite having hired two forensics companies to investigate the situation.”

    If they found out last week, why not let the public know last week?

    Just a thought. Interested to see what becomes of this investigation.

  7. blondiesez says:

    Well, that would explain why my husband’s BOA card has been replaced by the bank. Not seeing anything odd on the bank statements, but it does give one pause.

  8. Thanh says:

    This article was in the DNR, “Valley Credit, Debit Cards Stolen” http://www.dnronline.com/details.php?AID=35415&CHID=2

Reader Tweets

Latest Flickr photos in the hburgnews Flickr pool
Announcements & Press Releases
  • Friendly City Grand Opening Set for July 9

    Friendly City Food Co-Op, Harrisonburg’s consumer-owned grocery, invites the community to come see its new destination for natural, organic and locally-produced products at the store’s grand opening 11 a.m.-5 p.m. July 9 at 150 East Wolfe Street.

  • Friendly City Becomes Member of National Cooperative Grocers Association

    HARRISONBURG, VA — Friendly City Food Co-op, slated to open this month in Harrisonburg, Va., has become the newest member of the National Cooperative Grocers Association (NCGA), a business services cooperative serving 120 consumer-owned food co-ops nationwide.

  • Harrisonburg Recognized as a Bike Friendly Community

    May 2: Harrisonburg was honored when the League of American Bicyclists announced the latest round of Bicycle Friendly Community (BFC) designations over the weekend to kick off May as National Bike Month.