Skip to content
BOL Conferences
Learn More - Click Here!

Page 1 of 2 1 2
New Reply Thread Options
#1117479 - 01/26/09 10:05 PM Heartland Breach - 600 million affected?
Anonymous
Unregistered

I need to know what other community bankers are doing in response to the Heartland Breach.
If you don't already know, information is available at www.2008breach.com. Some sources are saying 600 million debit and credit card numbers - including MasterCard, Visa, American Express, and Discover Financial - were compromised. Your vendor (the entities on the back of your debit and credit cards) can tell you if your bank was affected. (Non-bankers, your bank can tell you or soon will be able to tell you).

Our vendor has said we have the option of issuing all new cards to all affected customers (at a cost of over $20,000 to the bank, which will not be reimbursed), or issuing letters to all affected customers (still will cost thousands and lots of time and staff). If your bank or financial institution is affected, please respond with:

# of affected cards - Response chosen (letter or automatic card replacement) - estimated cost - Your region (i.e., Westcoast, Southeast, Eastcoast, Midwest)

Ours:
4,000 cards - Sending a letter - estimated cost $1,500 plus staff time - Region = Southeast

I think we need to get a feel for what others are doing so our response makes sense within the context of the rest of the country. If this has been addressed elsewhere at BOL, please advise.

Thank you!

Return to Top Reply Quote Quick Reply Quick Quote
#1117600 - 01/27/09 04:42 PM Re: Heartland Breach - 600 million affected? Retired DQ
Anonymous
Unregistered

Upstate NY approx 2000 cards, letter and reissue. Don't have the est. cost on hand right now.

Return to Top Reply Quote Quick Reply Quick Quote
#1117606 - 01/27/09 04:57 PM Re: Heartland Breach - 600 million affected? Anonymous
Anonymous
Unregistered

Texas (Houston area) approx 1200 cards, letter and reissue. Aprox cost $6000.00. Not including possible loss from card that have been compromised $5500.00. OUCH!

Return to Top Reply Quote Quick Reply Quick Quote
#1117720 - 01/27/09 09:41 PM Re: Heartland Breach - 600 million affected? Anonymous
straw Offline
Power Poster
straw
Joined: Nov 2002
Posts: 9,121
Phoenix AZ approx 12000 cards, letter and reissue. About $35000 cost, not including confirmed $12000 in fraud losses (and likely to be more).

Return to Top Reply Quote Quick Reply Quick Quote
#1117724 - 01/27/09 11:11 PM Re: Heartland Breach - 600 million affected? straw
Princess of Power Offline
Gold Star
Princess of Power
Joined: Aug 2002
Posts: 406
Napa, CA
Napa CA, so far 25 cards - letter & reissue. Losses to date exceed $10,000 & growing.

Return to Top Reply Quote Quick Reply Quick Quote
#1117726 - 01/27/09 11:21 PM Re: Heartland Breach - 600 million affected? Princess of Power
ApacheBelle72 Offline
Platinum Poster
Joined: Sep 2006
Posts: 652
Texas - 800 cards and still getting reports everyday!!! I hate this.

Return to Top Reply Quote Quick Reply Quick Quote
#1117951 - 01/28/09 03:39 PM Re: Heartland Breach - 600 million affected? ApacheBelle72
ahou Offline
Power Poster
ahou
Joined: Aug 2002
Posts: 3,094
Are your losses coming from outside the US?
_________________________
Opinions are my own and not of my employer.

Return to Top Reply Quote Quick Reply Quick Quote
#1118968 - 01/29/09 04:10 PM Re: Heartland Breach - 600 million affected? ahou
WonderWoman Offline
Diamond Poster
WonderWoman
Joined: Mar 2007
Posts: 2,108
gone fishin'
approx 1,000 - letter & manual card replacement - unknown cost no losses taken (we've blocked all signature based transactions in Mexico & that has reduced our lossess significantly) - Northern CA.
_________________________
My opinions are my own, and not that of my employer.

Return to Top Reply Quote Quick Reply Quick Quote
#1121815 - 02/03/09 05:17 PM Re: Heartland Breach - 600 million affected? WonderWoman
risk08 Offline
New Poster
Joined: Jun 2008
Posts: 16
MidAtlantic region- 2,300 + cards; 10,000 cost for replacing. Contacting customers, hotcarding and replacing.

Return to Top Reply Quote Quick Reply Quick Quote
#1124597 - 02/06/09 03:21 PM Re: Heartland Breach - 600 million affected? risk08
Anonymous
Unregistered

Is everyone reissuing for cards that are low risk as well?

Return to Top Reply Quote Quick Reply Quick Quote
#1124615 - 02/06/09 03:40 PM Re: Heartland Breach - 600 million affected? Anonymous
CSB98 Offline
Diamond Poster
Joined: Dec 2003
Posts: 1,337
Wisconsin
We have decided not to automatically reissue for those that are low risk. We are leaving it up to the customer whether they want to order a new card or not.

Return to Top Reply Quote Quick Reply Quick Quote
#1124639 - 02/06/09 04:02 PM Re: Heartland Breach - 600 million affected? CSB98
Wisco Crime Stoppers Offline
100 Club
Wisco Crime Stoppers
Joined: Jan 2009
Posts: 205
Packer Country
Visa or Master Card doesn't require us to reorder but what happens if the customer comes forward a while down the road and makes a complaint will they still reimburse them? What is the time frame that customers need to notify of a problem. Also, do any Financial's get reimbursed from these card companies for reissuing for the high risk? I doubt it, but thought I would throw it out there.
_________________________
“Hakuna Matata”

Return to Top Reply Quote Quick Reply Quick Quote
#1125875 - 02/09/09 03:21 PM Re: Heartland Breach - 600 million affected? Wisco Crime Stoppers
risk08 Offline
New Poster
Joined: Jun 2008
Posts: 16
Is anyone sending a letter to their customers whose card has been compromised? If so, would you be willing to share your verbiage.

Thanks!

Return to Top Reply Quote Quick Reply Quick Quote
#1125889 - 02/09/09 03:34 PM Re: Heartland Breach - 600 million affected? risk08
Retired DQ Offline
10K Club
Retired DQ
Joined: Dec 2002
Posts: 40,766
Turnpike Exit 10
Sure, send me a PM with your email address.
_________________________
Get your facts first, then you can distort them as you please. - Mark Twain

Return to Top Reply Quote Quick Reply Quick Quote
#1126988 - 02/10/09 05:35 PM Re: Heartland Breach - 600 million affected? Retired DQ
Comply 101 Offline
Platinum Poster
Comply 101
Joined: Jul 2001
Posts: 708
Has anyone talked to their core processor about utilizing a neural network system that monitors and shuts down debit card activity that appears fraudulent? I used to work for a bank that would not always reissue cards during a major compromise. They felt with the software in place, it protected the bank from low and intermediate breaches. They kept an Access database of compromised card notices from Visa Cams and compared that to unusual debit card losses. If they saw trend losses in a previous Cams alert, where cards were being affected, they could make a decision to cancel and reissue from that previous alert.
Metavante banks have a solution called PRM. Fiserve has something similar as well. I am not suggesting this time that banks don't reissue, as we have all seen some pretty large losses. But now is the time to consider some type of procedure that takes a risk management approach to reissuing or not in the future. Spending more money on reissuing cards than what you would experience in future losses doesn't make much sense. Not taking into consideration the inconvenience of the customer. God forbid-what if we have another major breach in six months. How do you explain to your customer that their card has been compromised again, when their Chase credit card that they have had for twenty years has never been cancelled??
_________________________
CRCM CAMs

Return to Top Reply Quote Quick Reply Quick Quote
#1127198 - 02/10/09 07:22 PM Re: Heartland Breach - 600 million affected? Comply 101
QueenBB Offline
100 Club
Joined: Jan 2006
Posts: 190
TX
In middle of Texas, 1,000 cards hotcarded with new ones issued; no known losses; letters sent to those possibly compromised (letter from Fifth Third as an example); cost of $5,000

Return to Top Reply Quote Quick Reply Quick Quote
#1129299 - 02/12/09 11:42 PM Re: Heartland Breach - 600 million affected? Anonymous
ShawnOK Offline
New Poster
Joined: Mar 2008
Posts: 2
Oklahoma
Small community bank in Oklahoma with 3 branches - approx. 1000 cards affected (so far!), sending letter with new card in it for them to activate, expiring current cards in March, cost is about $3000 and rising.

Return to Top Reply Quote Quick Reply Quick Quote
#1130340 - 02/13/09 11:57 PM Re: Heartland Breach - 600 million affected? ShawnOK
AuditorK Offline
Platinum Poster
Joined: Feb 2003
Posts: 962
PA
With reissue costs per card as low as what everyone is reporting, I assume no one is paying for the extra fraud reporting (and expensive) "continued protection" available?

Return to Top Reply Quote Quick Reply Quick Quote
#1130347 - 02/14/09 12:53 AM Re: Heartland Breach - 600 million affected? AuditorK
Anonymous
Unregistered

Western US, 34,000 cards. No reissue and no letter. We are using VISA DPS and have had no fraud related activity on the cards to date. Similar experience with TJ Maxx with same response and we had a very good outcome with no impact to customers and limited losses (significantly less than cost of a re-issue) to the bank.

Return to Top Reply Quote Quick Reply Quick Quote
#1133724 - 02/20/09 10:53 PM Re: Heartland Breach - 600 million affected? Anonymous
Anonymous
Unregistered

Southeast. 7,000 cards. No reissue, no letter. Statement stuffer "Watch for fraud and alert us of any problems...Your card may have been affected by a breach affecting hundreds of millions of cards of all card types nationwide..."

Return to Top Reply Quote Quick Reply Quick Quote
#1137379 - 02/27/09 04:40 PM Re: Heartland Breach - 600 million affected? Anonymous
ksm Offline
Gold Star
ksm
Joined: May 2003
Posts: 302
Midwest
We have been notified of compromised cards, but no documented loss other than card replacement. Should we file a SAR? I do not think law enforcement will benefit from knowing we had cards that may have been compromised. What are others doing?

Return to Top Reply Quote Quick Reply Quick Quote
#1345577 - 02/18/10 07:27 PM Re: Heartland Breach - 600 million affected? ksm
Kaos Offline
100 Club
Kaos
Joined: Dec 2002
Posts: 130
I'm bumping this back up since it didn't get an answer. For informational purposes, did anyone actually file a SAR on this?

Return to Top Reply Quote Quick Reply Quick Quote
#1345718 - 02/18/10 09:24 PM Re: Heartland Breach - 600 million affected? Kaos
ItNeverEnds CRCM Offline
Platinum Poster
Joined: Oct 2006
Posts: 995
Looking for my sanity
No we didn't. Our fraud was under the 25k for unknown suspect. We did have another localized merchant breach a year or so before this that was happening when the FDIC was here and they commented that they felt we should file a SAR even though our losses were under the reporting limits. Visa was already involved at that point and I thought what would the point be. I feel the same with Heartland, what would the point of filing SARs when the whole world already knows about it. But if you look at the definitions, it does appear that if it meets the reporting thresholds we should file. Anyone else have any thoughts or experience with this?
_________________________
"The reason I talk to myself is because I'm the only one whose answers I accept."
- George Carlin

Return to Top Reply Quote Quick Reply Quick Quote
#1345851 - 02/19/10 01:20 AM Re: Heartland Breach - 600 million affected? ItNeverEnds CRCM
Kaos Offline
100 Club
Kaos
Joined: Dec 2002
Posts: 130
We didn't meet the threshold either. Did anyone file it under "computer intrusion"?

Return to Top Reply Quote Quick Reply Quick Quote
#1345881 - 02/19/10 11:34 AM Re: Heartland Breach - 600 million affected? Kaos
Retired DQ Offline
10K Club
Retired DQ
Joined: Dec 2002
Posts: 40,766
Turnpike Exit 10
I wouldn't file a SAR, the authorities know about, the regulators know about it, they caught the perpetrators (if I remember correctly), it would be an unnecessary filing IMHO.
_________________________
Get your facts first, then you can distort them as you please. - Mark Twain

Return to Top Reply Quote Quick Reply Quick Quote
Page 1 of 2 1 2
Quick Reply:
HTML is disabled
UBBCode is enabled




Moderator:  MagicCity, P*Q, Truffle Royale