If your institution has been affected in the Heartland breach and you are not on this list, please send an email to editor@bankinfosecurity.com. Include your name, email, and a phone number where you may be contacted for verification.

Last week a small credit union in Maine thought it had seen the last of the Heartland Payment Systems data breach that had affected 261 of its members' credit cards. Officials now report they weren't as lucky as they thought. The number of compromised cards now has tripled, and the fraud reported may top $70,000.

The HealthFirst Credit Union of Waterville had been notified by its card services department that 261 cards had been compromised. The fraud reports began on January 12, when a member called in saying her debit card had been used to take money from her account, says Lynda Quirion, a credit union employee. The credit union, she says, had been involved in compromises in the past, "but certainly not to this extent." In all, there were about 130 members who had money debited from their accounts. Shortly after the credit union finished contacting the 261 members, it received more bad news--another 550 more cards were affected. "We are trying to get a handle on all of this 'mess.' That puts our total cards compromised at a little over 800 cards," Quirion says. The total amount of fraud the credit union has tallied so far from member cards being debited is between $60,000 to $70,000.

Click to Get Updates on the Latest Information Security News

Company* Title* Email* Subscription Type: HTML Text Government Enews General Government Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Banking Enews General Banking Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Credit Union Enews General Credit Union Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Need Help?

"These funds were all withdrawn in the US, with most of the transactions taking place in Florida and Texas," Quirion says. The first couple of weeks, the transactions were happening at Wal-Mart, but much of the money is being debited at gas stations, convenience stores, fast food restaurants and some department stores.

Quirion expresses frustration at what the credit union's members and employees are being subjected to because of this breach. "The cost of replacing the cards is around $2,500, and we are a tiny credit union, and our employees 'wear many hats,' We've all been involved in blocking compromised cards, ordering new cards, and calling members regarding the breach since January 12," she says.

Quirion estimated that the employees at the credit union have spent about 300 hours to date working on containing the breach's fallout among its members.