Commerce Bank replaces cards compromised in Heartland breach

Dan Margolies reports that Commerce Bank in Kansas City is first replacing credit cards after a recent small wave of fraudulent activity was reported. The compromised cards were involved in the Heartland Payment Systems breach disclosed in January 2009.

“We are now beginning to reissue some cards that were part of the block of cards that went through Heartland Payment Systems and were compromised by the bad guys,” said Carl Bradbury, Commerce’s director of consumer card products.

[…]

Bradbury said the Heartland breach was only now hitting banks such as Commerce because when criminals “steal blocks of numbers, especially a large block of numbers like this, they break them into smaller blocks and sell them, and so it goes on” until the end users try to use those cards to get money out of ATMs or to make purchases.

Bradbury said Commerce had been “very lucky in that the wave of fraud largely passed over the bank.” But “fairly recently we’ve had some flickers on the radar that showed that some of our card numbers associated with trafficking through Heartland had been used to perpetrate fraud.”

[…]

Bradbury declined to quantify the fraud or the amount Commerce has absorbed.

“But it was a very small percentage of our portfolio,” he said.

Other local bank officials said the Heartland breach had affected some of their customers, but not recently.

“I don’t think more than a handful of our customers were affected,” said UMB Bank spokeswoman Pam Blase. “And it was months ago.”

Read more in The Kansas City Star.

As of its most recent count, BankInfoSecurity.com reported that 673 financial institutions had publicly revealed that they had been affected by the breach. If, as Commerce Bank’s spokesperson suggests, Commerce may be part of a new wave, we may see that number continue to climb slowly. In any event, if we add in Commerce and UMB Bank, the count currently stands at 675.

About the author: Dissent