Heartland Payment Systems is calling for the card-payments industry to better defend itself through information sharing and security.
In the week since Heartland disclosed a breach of its card-processing network, chairman and CEO Robert Carr said he has been in discussions with others in the industry “who are also concerned about the increasing success and frequency of cybercrime attacks.”
The lack of information-sharing in the industry, he said, contributes to “empowering cyber criminals to use the same or slightly modified techniques over and over again. I believe that had we known the details about previous intrusions, we might have found and prevented the problem we learned of last week.”
Heartland, which issued a press statement containing Carr’s remarks, wouldn’t provide further details about these discussions.
According to a spokesman, Heartland would like to see the recent breach incident used to help the industry find ways to better protect data by having payments processors work more closely together, possibly with law enforcement, to share information about attacks.
Carr is said to be a strong advocate of “end-to-end encryption — which protects data at rest as well as data in motion — as an improved and safer standard of payments security.” This technology does not “wholly exist on any payments platform today,” the Heartland statement claims.
The recent Heartland data breach is now believed to be associated with a criminal group engaging in global fraud.
To date, it’s not clear how many cards may have been stolen during the Heartland breach, and Carr said many press reports about the breach have been very “speculative.”
The Heartland statement issued today also said the firm has added more than 400 merchants to its client base in the past few days, claiming this customer growth exceeded results for the same period from last year.
Heartland attributes this customer growth to the company’s “transparency” and “fair dealings” and an “energized organization” that reached out to owners of more than 150,000 business locations in the past three days “to help them understand the breach and what it means to them.”
