Heartland Breach: Colorado Bank Reports New Fraud

5,000 Cards Blocked After New Fraudulent Transactions Reported
Heartland Breach: Colorado Bank Reports New Fraud
A Colorado bank has come forward to reveal that as many as 5,000 of its customers were at risk because of new fraudulent transactions tied to the Heartland Payment Systems data breach.

First National Bank of Durango, a $399 million institution, went public with the news on March 1, after several customers reported that their debit cards had fraudulent transactions on them.

"Please be aware that as a result of a security breach at Heartland Payment Systems, debit cards issued by the First National Bank of Durango may have been compromised," the bank announced. "To protect our customers, we have temporarily blocked all point of sale purchases. Debit cards will still work at the ATM. It is important to note that there was not a security breach at First National Bank of Durango, our systems remain secure. The breach occurred at a third party processor."

Additional staff was added by the bank to handle the front-end calls from customers.

Moni Grushkin, the bank's senior vice president, says the first customers to come forward late last week reported strange charges on their bills. As First National bankers met to discuss the situation, they heard from several more customers and their credit card processor that several debit cards had been compromised. Fewer than 20 customers had reported fraudulent charges by early this week.

First National says it has received a list of up to 5,000 card numbers, or one fourth of the debit cards it has issued, that may be compromised. No fraud amounts on the compromised cards were revealed.

Albert Gonzalez, the hacker who broke into Heartland's and other networks, was indicted and pled guilty to the crimes, but Grushkin speculates that his criminal partners didn't use these particular card numbers until media attention cooled down.

"This isn't just a First National problem," Grushkin says. "I'd be interested in hearing about other banks here that have been affected."


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network