Quote:
Originally Posted by mbpark
Then again, knowing some of the middle managers I deal with in IT, nothing they do makes sense to anyone but themselves.
|
The funny thing is that this is 2 years after the TJX computer intrusion, which cost that company
256 million dollars!! So with all of that history, and considering that, unlike TJX, their entire company is built around computer data, one would think that they would be hyper-secure.
Well, it appears that there is significant progress in the Heartland case. The company has created a
website to
inform the public. Note the use of the word unencrypted. They are not saying that PIN numbers weren't taken, just that if they were they were encrypted.
I am so glad that California and then Congress passed a law requiring notification in cases like this. Does anyone want to bet on whether TJX and Heartland would have announced the breach if they weren't forced to by law?
Quote:
No confidential merchant data, Social Security numbers, unencrypted personal identification numbers (PIN), addresses or telephone numbers were retrieved in what is believed to be a global cyber-fraud operation. Heartland does not yet know how many card numbers were obtained. Many reports in the press are speculative.
Consumers will know if their card account numbers have been used by reviewing their monthly statements. Cardholders should report suspicious activity to their issuing banks (the bank that issued the card, not the card brand). If unauthorized use is confirmed, cardholders are reimbursed for the fraudulent purchases and are not held financially responsible.
|
__________________
Exercise your rights and remember your obligations - VOTE!
I have always believed that hope is that stubborn thing inside us that insists, despite all the evidence to the contrary, that something better awaits us so long as we have the courage to keep reaching, to keep working, to keep fighting. --
Barack Hussein Obama