Breach scares IU Credit Union

A large-scale security breach at a national payment processing company has compromised credit card information for many IU Credit Union members.

“Several accounts were compromised,” said Andy Allard, vice president and chief operating officer of the IU Credit Union. “It’s really hard to quantify at this point. This is a fairly significant breach.”

Heartland Payment Systems, the payment processing company used by the IU Credit Union, reported Jan. 20 that a security breach by a group of unidentified hackers allowed the hackers to access customer information in 2008.

According to the Heartland Web site, the company believes the threat has been contained.

Allard said hackers were able to access information typically contained in the magnetic strip of credit cards, such as card expiration dates.

But Allard said that none of the IU Credit Union’s computer
systems were breached.

IU Credit Union customers who might have been affected were first sent letters detailing what information might have been compromised.

“We then made the determination that it was prudent and necessary to reissue cards,” Allard said.

To alert those whose information was not accessed, Allard said the IU Credit Union put a notification on its Web site.

The credit union is being notified on an ongoing basis as to which accounts were affected, Allard said.

Allard said concerned IU Credit Union members should check Heartland Payment System’s Web site dedicated to the security breach, www.2008breach.com.

Because information about whom the breach affected continues to come in to the credit union, Allard said it is important that members be vigilant about checking their accounts for unauthorized purchases or other strange activity.

“We take our members and the confidentiality of their information seriously,” Allard said. “We do what’s in the best interest of our members.”