Malicious software injected into the payment processing network of a major US credit-card processing company could have led to one of the biggest data breaches ever reported, it has emerged.
Heartland Payment Systems has said the activity of cyber criminals had compromised its payments network. Some customer records may have been improperly accessed.
Potentially tens of millions of credit and debit card transactions could be involved. The business handles 100 million card transactions every month for 175,000 merchants.
Robert Baldwin Heartland’s CFO, said in a USA Today interview that the intruders had access to Heartland’s system for ‘longer than weeks’ in late 2008. He also said that the spyware has been described as being ‘light-years more sophisticated’ than the sort of maleware that is commonly downloaded from the web.