Wednesday, January 21, 2009

A good day for bad news

Yesterday was Coronation Inauguration Day, and the press was (ahem) busy. That made it the best day in recent memory to bury bad news. After all, the press simply wasn't interested in much else.

So what kind of bad news might be good to bury? How about the biggest compromise of credit cards in history? Hackers stealing a hundred million cards - what, didn't you hear?
Hearland Payment Systems, a credit card payment processor, apparently chose the completely innocuous day of January 20th, 2009 to inform the world that a data breach occured, and that it did not affect any “merchant data or cardholder Social Security numbers, unencrypted PINs, addresses or telephone numbers”. What possibly was affected, however, was every credit card number that traversed their payment processing system.
So, Mr. Good-Day-To-Hide-Bad-News PR Man, just who might that be? Well, did you ever use a credit card?
Anyone who used a Visa or Mastercard at one of a quarter of a million businesses may have been affected. For the small number of you who fall into this category, I recommend going through your old credit card statements just in case you were one of the victims. In all honesty, the probability of any one person being victimized by this is pretty slim, but vigilance is never a bad thing.
Oops. Glad that everyone's getting the word.

I have to hand it to Heartland's PR department. They chose the announcement timing very, very well.

UPDATE 21 January 2009 20:12: Rich Mogul has more about the way the hack was done.

UPDATE 21 January 2009 20:37: Uh oh - my secret's out. I get my security news at Liberty's place ...

Heh.

No comments: