St. Petersburg Times Interview: Heartland's Chief Information Officer
Wednesday, February 09, 2011
Recently, the St. Petersburg Times interviewed Steven Elefant, the Chief Information Officer Heartland Payment Systems hired after its disastrous data breach in 2009. With 130 million debit/credit card numbers stolen, that data breach was the largest corporate data breach in history. Consumers at banks and credit unions were affected. Several class-action lawsuits resulted and Heartland paid numerous fines, as banks had to reissue debit/credit cards to affected breach victims.
Prior to joining Heartland, Elefant held positions within the U.S. Secret Service and the F.B.I. crimes tasks forces. I found some of Elefant's comments very interesting, as it highlights the global nature of identity theft and fraud. About the person caught and convicted of the breach:
"... Gonzalez was not the mastermind. He was working with organized criminal rings in Eastern Europe, Ukraine and Russia. They will sell your stolen credit card numbers today over the Internet for $5 to $20 apiece. U.S. law enforcement knows exactly who they are but cannot get them extradited. Some of these countries have no cyber crime laws, so they cannot arrest them there..."
Thieves make money with stolen debit/credit card account information when they:
"... sell the numbers to other bad guys who obtain blank cards and an imprinter — used ones are available on eBay or Craigslist — and print their own credit cards or make counterfeit gift cards. They use the cards to buy big-ticket items like a $1,000 TV they sell for $500 to people who don't realize it's stolen merchandise."
About how Heartland's retail clients have responded after the breach:
"We lost very few clients and have been flat since then. So far about 10,000 of our 250,000 merchants have adopted end-to-end encryption."
If you want to learn more about Elefant, there is a good article at BankInfo Security.
Comments
You can follow this conversation by subscribing to the comment feed for this post.