Employees of First National Bank in Pratt spent part of their weekend notifying customers that their debit card information may have been compromised, after a national credit card processing company discovered a security breach.
Erring on the safe side, First National staff members called Visa debit cardholders whose names and account numbers appeared on a list of potential accounts that might have been compromised, President Jack Galle said.
The bank followed its usual procedure to “err on the safe side,” Galle said, stressing that there was only a potential that card numbers or cardholders’ names had been obtained in an intrusion at Heartland Payment Systems. The New Jersey-based company serves about 175,000 small merchants, such as restaurants and small retailers, and processes about 100 million transactions a month.
Everyone on First National’s list has been contacted. Their accounts have been closed and new cards issued to avoid any possibility of fraud, Galle said.
“As of now, we don’t see it as a problem,” said Rick Abrams, vice president at The Peoples Bank. “We’re watching it very carefully day by day.”
Abrams encouraged customers, especially those who receive statements online, to check their statements diligently. Additional security measures include using a PIN instead of a signature every time a debit card is swiped, and signing up for a system in which an e-mail is sent to the customer following each debit card transaction.
A number of customers at First State Bank have been contacted by mail, Diana Barnard, branch manager, said. Accounts have been closed and new cards issued. She anticipates that the list of affected cardholders may grow as more companies complete their investigations.
Linda Brehm, retail manager at Citizens Bank of Kansas, does not believe any of their customers are affected.
Heartland has established a Web site, http//www.2008breach.com, to provide information about the incident. The company said the breached data did not include confidential merchant data or cardholder Social Security numbers, personal identification numbers (PIN), addresses or telephone numbers, making it highly unlikely it can be used for identity theft.
Cardholders will not be held financially responsible for any unauthorized transactions that are reported to their card issuer in a timely manner. Cardholders are urged to monitor card and bank statements and report suspicious activity to the card issuer.
