Heartland CEO says data breach was 'devastating'
Heartland Payment Systems chief executive Robert Carr remembers what it felt like when he first heard about the massive data breach at his company earlier this year.
"I wanted to throw up. It was devastating," says Carr, recalling how he felt upon realizing that one of his worst fears had come true. "People had asked me for years 'what keeps you awake at night' and I would keep telling them it was the fear of a data breach," he told Computerworld.
Five months after Heartland announced what some think may be the biggest data breach ever, Carr is working over-time to limit the fallout from the incident, and the damage to the company's reputation.
Since the incident was disclosed, Heartland has accelerated an end-to-end encryption program for protecting card data that it aims to complete in the third-quarter. The company is simultaneously pushing a broader effort to develop an industry-wide standard for encrypting data white it's being transmitted over networks.
The company has also co-founded a group called the Payment Processor Information Sharing Council to give organizations in the payments industry a forum for sharing information about security threats, vulnerabilities and fraud. At the group's first meeting in May, Heartland handed out a USB drive containing the malicious code that it had discovered on its networks as a sign of its willingness to share details of the attack with others in the industry. Carr has also been reaching out personally to customers, industry groups, security analysts and media to explain what the company has been doing in response to the breach. When rival firms tried to scare Heartland customers over the possible repercussions of using Heartland as a processor, Carr quickly fired out cease and desist letters.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
