By HEATHER PYLES, CJ Staff Writer
Some debit customers with a local bank branch have been feeling the effects of a reported security breach at one of the nation’s largest credit processing companies.
The breach, reported by Heartland Payment Systems, is affecting member banks across the country, including Forcht Bank, which has several locations in Somerset.
But the bank is ensuring its customers that the steps taken, while inconveniencing, are being done in an abundance of caution to make sure no valuable financial information is misused.
“Our priority has always been to protect our customers,” said Eddie Woodruff, the chief marketing officer for Forcht Bank.
Forcht Bank, headquartered in Kentucky, began taking steps to minimize any potential damage that could’ve occurred because of the breach when Heartland Payment Systems notified its bank members on Jan. 12.
Only certain Forcht Bank debit card customers are potentially affected by the breach.
Those steps include sending letters to its customers and attempting to contact its customers by phone.
Still, a part of the 8,500 debit customers at Forcht whose information was potentially compromised were surprised when their transactions were rejected at businesses and at ATMs this week.
Woodruff said some customers were blindsided because the bank has received 400-page lists daily updating them on the customers who are potentially affected by the breach.
Forcht Bank has approximately 22,000 debit customers in all.
“All we get is numbers,” Woodruff said. “We have to go in our systems and match that to names.
“We’re doing it (notifying customers) as fast as humanly possible,” he added.
Woodruff emphasized that the breach did not happen at the bank level.
“What the criminals have done ... They know they can’t hack into banks directly,” Woodruff said. “So they identify where the weakest link is in the network.
“And it’s at the retail level,” he added.
The Forcht Bank system is protected by multiple firewalls and by state-of-the-art security technology and procedures. Other banking systems can boast the same type of protection to ensure customers’ financial information is protected at that level.
Woodruff said many media reports about the incident have left the public unclear about the breach and its connection with Forcht Bank.
“The key issue is people are misunderstanding ... they think that our system was hacked into,” Woodruff said.
“Because we took the proactive steps to protect our customers, we were connected with the breach,” he continued. “We just felt like we had to do the right thing.”
Heartland Payment Systems is a credit and debit card processing service that is used by around 250,000 businesses in the country. Those businesses include restaurants, retail businesses and gas stations.
Essentially, when a credit or debit card is swiped at a store, that information goes to a merchant processor such as Heartland Payment Systems. That information is then sent to a bank processing system — in Forcht Bank’s case, that system is STAR. That information then goes back to the bank for balance updates.
“It sounds complicated, but it happens within a split-second,” Woodruff said.
Heartland is reported to be the sixth largest debit card processor in the country.
Woodruff said the effected debit cards have been marked as lost or stolen to block or prevent any possible fraudulent transactions, and while he said it is an inconvenience to those customers affected, he said many have been grateful that the step was taken.
Those customers will receive a new debit card within seven to 10 business days from the time their cards were canceled.
Kathy Choate, market president for Somerset First & Farmers Bank, said First & Farmers is not a member bank with Heartland.
Choate said should First & Farmers be affected by a similar breach, they would proceed in much the same manner as what has Forcht bank has done.
“If we were ever affected, we would be doing the exact same thing,” Choate said.
Mike Simpson with Cumberland Security bank said that bank’s customers are not affected by the breach.
“We don’t have any issues with any breach with our debit cards,” Simpson said.
Citizens National Bank spokesperson Lisa Compton said the breach has not affected Citizens customers
“We don’t use Heartland to process anything,” Compton said.
A corporate spokesperson with BB&T; Bank did not return phone calls by press time Friday.
Woodruff suggested that as more information about the breach comes to light, other banks may step forward and announce their debit systems were also potentially compromised.
“In the next few weeks, other banks will come forward,” Woodruff said.
According to a press release on its company Web site, Heartland reported that the intruders cracked the system used to process 100 million card transactions each month.
The company began investigating the breach last fall, but “malicious software” wasn’t found until the middle of January.
"We found evidence of an intrusion last week and immediately notified federal law enforcement officials as well as the card brands," said Robert H.B. Baldwin, Jr., Heartland's president and chief financial officer, in the press release. "We understand that this incident may be the result of a widespread global cyber fraud operation, and we are cooperating closely with the United States Secret Service and Department of Justice."
Heartland said it believes the intrusion has been contained.
