Heartland Data Breach: 22 More Institutions Linked

Banks, Credit Unions Informing Customers of Potential Risks If your institution has been affected in the Heartland breach and you are not on this list, please send an email to editor@bankinfosecurity.com. Include your name, email, and a phone number where you may be contacted for verification.

Twenty-two additional financial institutions have informed their customers that their credit or debit cards were among those compromised in the Heartland Payment Systems (HPY) breach. Heartland Payment Systems data breach coverage

Heartland, the sixth-largest payments processor in the U.S., announced on Jan. 20 that its processing systems were breached in 2008, exposing an undetermined number of consumers to potential fraud.

The latest institutions to announce their connection to the breach are:

Washington State Employees Credit Union, Olympia, WA;

Beacon Credit Union, Wabash, IN (See what Beacon told their members about the Heartland Breach);

Community First National Bank of Mountain Home, Mountain Home, AR;

Industrial Credit Union of Whatcom County, Bellingham, WA;

Great Southern Bank, Springfield, MO;

CU Community Credit Union, Springfield, MO;

North Country Savings Bank, Canton, NY;

Wright-Patt Credit Union, Dayton, OH;

Bank of Utah, Ogden, UT;

The Citizens Bank of Swainsboro, Swainsboro, GA;

Spokane Media Federal Credit Union, Spokane, WA;

Bee Credit Union, Tumwater, WA;

Heartland Bank, St. Louis, MO;

U.S. Bank, St. Louis, MO;

Bank of America, St. Louis, MO;

Franciscan Skemp Credit Union, La Crosse, WI;

Mid America Bank & Trust Co., Rolla, MO;

First Community National Bank, Steelville, MO;

1st Source Bank, South Bend, IN.

The news of these latest institutions informing their customers of the Heartland breach follows the filing of the first lawsuit against Heartland Payment Systems (HPY). One week after the Heartland Payment Systems (HPY) breach was announced, a class action lawsuit was filed by Chimicles & Tilellis LLP of Haverford, PA in the U.S. District Court for the District of New Jersey on behalf of Woodbury, MN resident Alicia Cooper. It asserts that Heartland "made unreasonably belated and inaccurate statements concerning the breach."

The complaint says Heartland does not appear to be offering any credit monitoring services or other relief to consumers affected by the breach. Chimicles & Tilellis' complaint also says in addition to the questionable timing of the announcement of its breach, "there are materially misleading statements and omissions in Heartland's public description of the breach and its consequences."

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.