Heartland (HPY) Implements E2EE System

From Heartland Payment Systems

“Monday’s successful test involved Zones 1, 2, 3 and 4,” detailed Steven M. Elefant, Heartland’s executive director of end-to-end encryption. “We believe that protecting data in these zones alone will significantly impact the protection of cardholder data.

ISR News: CardSystems Breach Spurs Suit

Excerpts From Digital Transactions

Four years later, the fallout from the notorious CardSystems Solutions Inc. data breach—at the time the biggest hacking of payment card data ever—surfaced last week and looks like it could go on for months or even years. Merchant acquirer Merrick Bank Corp. is suing Savvis Inc., the company that inspected CardSystems before the breach, for alleged negligence because Savvis had concluded that the processor’s security systems met Visa Inc.’s standards.

ISR News: Heartland Fights MasterCard Fine

Excerpts From Finextra

“Heartland therefore considers the MasterCard fine to be in direct violation of both the MasterCard rules and applicable law and it intends and is prepared to vigorously contest and it has recommended to its sponsor banks that they vigorously contest, through all means available including litigation if necessary any liability that may be asserted or imposed upon Heartland or its sponsor banks by reason of this fine,” says Carr.

Heartland Regains PCI Compliant Status

By Anthony M. Freed, Information-Security-Resources.com Financial Editor

Heartland’s removal from the list of compliant payment processors had followed revelations that the company had suffered what may have been the largest data breach of payment card information to date, although details of the incident and similar events at RBS WorldPay (RBS) have not been made available due to ongoing investigations.

ISR News: IBM’s Financial New World Order

Excerpts From Finextra.com

The study predicts significant consolidation in segments wrought with over-capacity - such as investment banking, asset management, and wealth management - as firms adapt to a new lower-margin landscape where they will need to specialise around services that clients value rather than continuing to provide a full range of in-house services. Enhanced regulation and transparency will also eliminate opacity, with previously high-margin activities becoming commoditised.

ISR News: IRS Taps Troubled RBS WorldPay

Excerpts From WashingtonPost.com

The Internal Revenue Service has awarded a contract to process tax return payments for the coming filing season to RBS Worldpay, a company that recently disclosed that a hacker break-in jeopardized financial data on 1.5 million payroll card holders and at least 1.1 million Social Security numbers.

ISR News: US Banks Going Biometric

Excerpts From Finextra.com

A global survey conducted by Unisys last year found that 72% of US citizens would be willing to undergo fingerprint scans to verify their identities when dealing with banks and government organisations.

ISR News: FBI Raids Texas Data Centers

Excerpts From Blog.wired.com

The raids were part of an investigation prompted by complaints from AT&T and Verizon about unpaid bills allegedly owed by some data center customers, according to court records. One data center owner charges that the telecoms are using the FBI to collect debts that should be resolved in civil court. But on Tuesday, an FBI spokesman disputed that charge.

ISMG Launches GovInfoSecurity.com

Press Release From GovInfoSecurity.com

We have a new President, a new Administration, a new session of Congress … and a new national mission throughout government to secure personal data and protect our borders from cyber threats. Information security has never been more important to the federal government - or to all of us, as we conduct personal and professional business in this electronic world.

ISR News: PCI DSS verses Cybercrime

Excerpts From BankInfoSecurity.com

Yvette Clarke, D-NY, Chair of the Subcommittee, admonished the payments industry, saying “The payment card industry and issuing banks should be ashamed about the current state of play and doing everything possible to immediately institute improvements in infrastructure.”

Next Page »

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (114)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (602)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (311)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (588)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (374)
  • Greg George (5)
  • H1N1 (15)
  • hackers (540)
  • healthcare (135)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (536)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (39)
  • Insider Threat (491)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (72)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (502)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (212)
  • national security (454)
  • PCI (309)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (553)
  • Rachel James (10)
  • reach (12)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (503)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (102)
  • Webcast (49)

• ISR Headline Index

  • Why We Did It and Don’t Want Any Money
  • Hackers Lurking in Hotel Networks
  • 7 Month Vulnerability in Windows Virtual PC
  • How to Secure a Cisco Router
  • On HTML Insecurities…
  • When Social Networking Clashes with Security
  • Spam Block: Public Servants or Vigilantes?
  • Sticky Situations in Social Media
  • Quick Tips for Using Secure Shell
  • Consolidate Compliance With Open Source
  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs