If the name Heartland Payment Systems seems familiar, it should. Heartland, which processes credit and debit card payments for retailers as well as payroll processing was the target of one of the first major data breaches in 2008 when information on 130 million credit cards and debit cards were stolen by hacking into Heartland’s computer system. Now Heartland, as required by California law, has reported to the California Attorney General that it had become a victim of a data breach on May 8th at its offices in Santa Ana, California. This time, however, the thieves physically broke into the office and along with televisions and other personal property took eleven computers, four of which contained personal information used to process payrolls. Sensitive personal information on approximately 2,200 people was included on those computers which, although the computers were password protected did not encrypt the data, thereby leaving these people in danger of identity theft if the computers end up in the hands of sophisticated identity thieves.
Those people whose personal information was compromised by the robbery have already been personally notified by Heartland. However, this is a good lesson to individuals, companies and governments everywhere that data security is not just a matter of securing your computer systems, but also physically securing your computers. This case also highlights the need for computers with sensitive information to encrypt the data so that if the actual computer is stolen, the information would remain safe. This same precaution applies to your smartphone and other electronic devices.