In the bleariness of the morning off-to-work routine, the news of the breach of information about hundreds of millions of debit cards was accompanied by an analysis that said the intruder’s software was light years ahead of that of Heartland Payment Systems.
.
At least that’s what it sounded like at 6:45 a.m. or so on New Jersey Network News, which was announcing
.
Maybe it’s just that even the Internet services hadn’t caught up with the analysis that early in the day. But the mere thought that the crooks have far more advanced technology systems than a major financial company doesn’t provide a lot of comfort in a time in which financial institutions are fragile.
.
While the details unroll, it’s a good time to consider that information technology security was No. 1 on the list of Top Ten Technologies for 2009, as selected by the American Institute of CPAs.
.
Of course, most accounting firms don’t have the kind of information that these thieves want: credit card
.
No, the real lesson of Heartland is the need for vigilance. And as the day wore on, the company announced that merchant and customer data had not been affected and that there was no theft of client information such as Social Security, telephone or personal identification numbers. At least one Kentucky bank canceled a few thousand debit cards, and was issuing new ones to customers. But it said no fraudulent activity had been detected.
.
Whether the story is as bleak as first reported or as minimal as Heartland’s later statement, there’s no doubt that the AICPA members who selected the major issues had a very good idea of what they were doing.