Provident customers affected by Heartland data breach
Some Provident Bank customers have been impacted by a data breach at Heartland Payment Systems, a Princeton, N.J. processor of credit card payments.
Apparently, hackers used malicious software -- 'malware' -- to steal credit and debit card numbers from the card payment processing company last year. Some estimate that the Heartland breach could affect tens of millions of cardholders nationwide.
Only customers who received a new card in the mail and a letter from Provident had their card numbers compromised, company officials say. If you got the new card, activate it and destroy the old one.
Then, watch your statements --- and check old ones --- for problem transactions, because according to this Washington Post blog, Heartland doesn't know how long the malware was reading the numbers.
Some Provident customers thought the letter was a hoax or a scam,
because they couldn't find information on the Provident Bank Web site about the breach. There was nothing on the home page.
But apparently a Provident Bank statement on the data breach had been posted on Provident Bank's "Customer Service" Web page, under "MasterCard Issues," describing the transaction limits "MasterMoney" debit card users might encounter at certain retailers.
These would only be in effect for signature-based transactions only, however --- enter your PIN and the transaction would go through.
For more information, call Provident at 888-298-7734.
Updated: When data breaches affect Marylanders, state law requires companies to report the incident to the Maryland attorney general's identity theft unit,
Hugh Williams from the ID theft office warns readers to take these notices seriously --- dn't dismiss them as ploys to sell credit monitoring products. More information about protecting yourself from identity theft can be found at the Maryland identity theft unit Web site.
Categories: Banks, Consumer protection, Identity theft, Naughty businesses/NBotW
Comments
I am a ING Direct customer, and we were effected as well. I got an email that basically said your information could have been compromised, but other than telling us to watch our accounts for the next 12 months they didn't do anything else for us. I was thinking of having them make a new number up for me, but I'd be without a card for like a week to 10 days. I need to find a way to live without the card I use everyday for that long...
Bill, it's hard to decide what's better, especially since you can't be sure *your* data was stolen. I know Sovereign Bank made a similar choice. Kind of makes Provident's choice to proactively send new cards to customers seem generous, because they weren't without cards in the interim. --- lfk.
Posted by: Bill | February 4, 2009 8:31 AM