Yesterday, we reported that Piedmont Credit Union in North Carolina had reported that 15 of its members were reporting fraudulent use of their Visa-issued debit cards, mostly at gas stations in Florida. We also reported that Oregon Territory Federal Credit Union members were reporting misuse of their debit cards. At the time of the initial reports, neither credit union was able to identify the source of the breach.
Now Piedmont has issued a statement on its site linking their breach to the Heartland breach. Although the statement does not name Heartland, a spokesperson confirmed to me that it was Heartland being referred to in their announcement.
A spokesperson for Oregon Territory also informs me that they have determined that their breach and fraud reports were also due to the Heartland breach.
In a third credit union breach, a spokesperson for Franciscan Skemp Credit Union informs me that they are as yet unable to determine if the Heartland breach was responsible for their reports, but that approximately 60 members have reported debit card fraud starting at the beginning of December. In their case, most of the fraudulent activity occurred at California retail merchants and gas stations.
Heartland’s initial press release did not indicate that it was arranging for any credit monitor or ID theft restoration services for those affected, and they have not yet responded to an inquiry as to whether they will arrange for such services in light of reports that there has been fraudulent use linked to the breach.
[small update: PCU’s newest statement on their site names Heartland as the source of their breach.]