This incident has 0 proposed changes. Know of details that have changed? Submit them Showing Incident 15

SUMMARY

"Oh, this is nothing..."
Records	Unknown
Record Types	CCN
Breach Type	Hack, Hack
Data Family	Electronic
Source	Outside
Organization	Egghead.com
Other Organizations	None
Lawsuit?	NO/UNKNOWN
Data Recovered?	NO/UNKNOWN
Arrest?	NO/UNKNOWN
Submitted By:	Anonymous

TIMELINE

Date	Event
None. Add Data	Incident Occurred
New Timeline Item For Incident Occurred Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Incident Discovered By Organization
New Timeline Item For Incident Discovered By Organization Date Reference URL Spam Check: (type the code from the image)
2000-12-23	Organization Reports Incident
New Timeline Item For Organization Reports Incident Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Organization Mails Notifications
New Timeline Item For Organization Mails Notifications Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Records Recovered
New Timeline Item For Records Recovered Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Lawsuit Filed
New Timeline Item For Lawsuit Filed Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Arrest Made
New Timeline Item For Arrest Made Date Reference URL Spam Check: (type the code from the image)

SIMILAR INCIDENTS

records	date	organizations
0	2007-02-19	Stop & Shop
0	2007-05-21	Columbia Bank (NJ)
0	2007-10-28	Art.com
0	2008-01-25	OmniAmerican Bank

MAP OF INCIDENT LOCATION

Address: USA
Have a better address for this incident? Suggest it!

suggest a new reference

REFERENCES

suggest a new attachment

ATTACHMENTS

COMMENTS

by Anonymous on 2009-01-23 (about 1 year ago)

The problem I see is Heartland is being anything but transparent. Releasing the story on inaugural day, and stating "people aren't really at risk." What that statement seems to ignore is data pirates can and do combine artifacts assembled from disparate origin, and it would be a trove to have millions of CC to cross-match against existing partial CC stolen from elsewhere, or existing names, etc. Heartland must be compelled to release the merchant names involved, so the issue can be fully addressed by all involved, not least of which is the public who may be impacted. Finally, any data incident found by 'anomalous billing patterns' is pretty much assured to have been missed by existing method of detection, and heartland has nothing to be proud of in that area either. Visa told them, not the other way around. I want to see heartland held to a higher standard than they are attempting to hold themselves to.

Incidents:

Data Types:

Sectors:

Sources:

Breach Types:

Disposal Computer | Disposal Document | Disposal Tape | Disposal Drive
Email | Fraud Se | Hack | Lost Computer
Lost Document | Lost Drive | Lost Laptop | Lost Media
Lost Tape | Missing Laptop | Snail Mail | Stolen Computer
Stolen Document | Stolen Drive | Stolen Laptop | Stolen Media
Stolen Tape | Unknown | Virus | Web