Security breach forces Alaska banks to replace thousands of credit cards

Stolen data is likely restricted to names, numbers, expirations

Posted: Thursday, February 19, 2009

ANCHORAGE - A malicious security breach has forced several banks to issue thousands of new credit and debit cards throughout Alaska after data was stolen from a New Jersey company.

Personal data was stolen starting last May from Princeton N.J-based Heartland Payment Systems.

Heartland officials told the Anchorage Daily News hackers never acquired Social Security numbers, PIN numbers, addresses or telephone numbers, so it appears that stolen data is restricted to cardholder names, numbers and expiration dates.

Still banks and credit unions said data belonging to thousands of their customers has been compromised and the cards must be replaced.

This started when hackers planted software on Heartland's payment processing system, which harvests magnetic strip data from millions of card transactions.

Heartland said it began investigating late last year once two major credit card companies -- Visa and Mastercard -- detected fraudulent charges on cards that had been swiped at Heartland's merchants.

After Heartland announced the data breach last month, many credit unions and several banks in Alaska responded.

They started issuing new cards while canceling old cards for those customers whose private data had been breached.

Nearly one-fifth of the cards belonging to First National Bank Alaska customers were breached. The bank reissued 1,150 credit cards and 7,000 debit cards.

"We reissued every card that was on the compromised list," said Valerie Bale, First National's electronic banking manager.

Other examples of bank or credit union response include:

• Alaska USA Federal Credit Union reissuing 64,000 debit cards and 6,000 credit cards throughout.

• Credit Union 1 reissuing 1,121 credit cards and 7,135 debit cards.

• Denali Alaskan Federal Credit Union reissuing more than 5,000 credit and debit cards.

Wells Fargo Bank, Northrim and KeyBank officials wouldn't say how many cards they've reissued due to the security breach.

KeyBank isn't notifying customers with breached data unless there is suspicious activity connected to those accounts.

"We have ramped up our fraud monitoring," said Anne Foster, a regional spokeswoman for KeyBank, which has 17 branches in Alaska.

She said KeyBank will reissue cards upon request or notify customers of any suspicious charges, but it wants to avoid customer anxiety.



CONTACT US

  • Switchboard: 907-586-3740
  • Circulation and Delivery: 907-586-3740
  • Newsroom Fax: 907-586-3028
  • Business Fax: 907-586-9097
  • Accounts Receivable: 907-523-2230
  • View the Staff Directory
  • or Send feedback

ADVERTISING

SUBSCRIBER SERVICES

SOCIAL NETWORKING