Recover Lost Documents

Card processor Visa has temporarily removed Heartland Payment Services, a leading processor of credit and debit payments, from Visa’s list of service providers that comply with Payment Card Industry Data Security Standards (PCI DSS). Visa’s action comes two months after Heartland first announced that it had suffered a data security breach.

Seamus McAfee stated in an article on CreditCards.com that PCI compliant service providers follow a strict set of data security standards to safeguard consumers’ card information and fight identity fraud and theft.

Visa has questioned Heartland’s security compliance, particularly when the processor was breached last year. Visa has stated that no merchant that has been PCI compliant has been compromised. Visa has said that it would re-place Heartland on its list of PCI compliant processors as soon as it is determined that the company meets the standards necessary.

Visa’s move is one of a considerable string of events since mid-January of this year, when Heartland determined that malicious software had compromised its data in 2008. The data potentially exposed from this breach includes card numbers, expiration dates, and other data from the card’s magnetic stripe. In some cases, the names of customers who used credit or debit cards at Heartland’s network of 250,000 businesses were determined to have been potentially exposed as well.

According to American Banker, many banks and credit unions are pursuing lawsuits to compensate for the money spent to inform customers of the breach, re-issuing cards and repairing accounts for people who were affected by fraudulent activities.

In late January, Heartland stated that it had created a department to develop end-to-end encryption, a data protection tool that could provide greater security than PCI.

Although three men were arrested for allegedly being involved in the data breach, they are believed to be end users and not the masterminds.