SANTA ANA, Calif.—A second data breach at Heartland may be even more serious that the first, even if it isn’t getting the same attention, according to analysts.
Heartland reported that it was breached on May 8, in this case by physical theft from its main office here. Among the items taken were password-protected computers, one of which may have stored social security numbers and/or bank account information for customers, the company has said.
Heartland, which provides debit, prepaid, and credit card processing, mobile commerce, e-commerce, check processing, payroll services, and other services, was the target of a much-publicized breach in 2008 that involved up to 100 million cards from more than 650 financial institutions. That breach, for which Albert Gonzalez was found guilty and sentenced to 20 years in prison, did not involve any personally identifiable data.
The latest breach being acknowledged by the company does include such data, which is why analysts believe it could be more problematic. Heartland has not issued much information in the wake of the theft of the computers other than to say it is working with local law enforcement.