Heartland CEO calls for industry cooperation to fight cyber criminals
26 January, 2009
category: Contactless, Digital ID, Education, Financial
In light of the recent security breach reported by Heartland Payment Systems, its CEO has called for more “information sharing” among payments companies and others. “I have talked to many payments leaders who are also concerned about the increasing success and frequency of cyber crime attacks,” Robert Carr, Heartland’s founder, noted.
“Up to this point, there has been no information sharing, thus empowering cyber criminals to use the same or slightly modified techniques over and over again. I believe that had we known the details about previous intrusions, we might have found and prevented the problem we learned of last week,” he added.
He said Heartland’s goal is to turn this event into something positive for the public, the financial institutions which issue credit/debit cards and payments processors.
Heartland learned it was the victim of a security breach within its processing system in 2008. The company believes the intrusion has been contained and that its campus solutions, including its Give Something Back Network, were not affected. No confidential merchant data, Social Security numbers, unencrypted personal identification numbers, addresses or telephone numbers were retrieved in what is believed to be a global cyber-fraud operation. Heartland does not yet know how many card numbers were obtained.
“Just as the Tylenol crisis engendered a whole new packaging standard, our aspiration is to use this recent breach incident to help the payments industry find ways to protect its data – and therefore businesses and consumers – much more effectively,” Carr said.
Over the past few days, Carr has been talking to many industry leaders about working together to fight the cyber criminals who victimized Heartland and continue to jeopardize companies, consumers and data worldwide.
For the past year, he has advocated industry adoption of end-to-end encryption, which protects data at rest as well as data in motion, as an improved and safer standard of payments security. While he believes this technology does not wholly exist on any payments platform today, Heartland has been working to develop this solution and is committed to deploying it as quickly as possible.
Heartland also noted that it has added more than 400 merchants to its client base in the past few days, exceeding results for the same period from last year.
“Our organization and business model founded on fair dealings, transparency and merchant advocacy have paid off these past few days,” said Carr. “This is demonstrated in the continued organic growth of our merchant base…since our disclosure of the breach…”