BANGOR, Maine — The impact in Maine of a security breach reported in January by Heartland Payment Systems of New Jersey is widening. On Thursday, Bangor Federal Credit Union confirmed that personal information from more than 3,000 credit and debit cards it issued has been compromised and Bangor Savings Bank said about 18,000 of its card holder accounts have been violated so far.
Both institutions said no money has been lost, however.
“The information is just trickling in,” said Yellow Light Breen, spokesman for Bangor Savings Bank. “It’s still very early; we think there will be a lot more.”
Heartland Payment Systems processes credit and debit card transactions for at least 250,000 businesses nationwide. Breen said it is unclear how many Maine businesses contract with the company. But because Heartland is the fifth-largest payment processing company in the nation and specializes in the needs of small businesses, he said, “we think they have a very large market share in Maine.”
That makes it likely that “a very large percentage of Maine card holders will be affected,” he said.
Breen said that despite the security breech, there has been no evidence of related fraudulent activity in Bangor Savings Bank accounts and the bank is not routinely issuing new cards. Account holders who report suspicious activity in a timely way are not liable for financial losses, he emphasized.
A financial industry spokesman said the breach is already affecting banks, credit unions and financial institutions across the state.
“The shakeout from this data breach is an ongoing thing,” said Jon Paradise of the Maine Credit Union League. “To various degrees, it is affecting all financial institutions and credit card companies.” Paradise said at least a dozen Maine credit unions have blocked accounts and reissued cards.
At the Bangor Federal Credit Union, president and chief executive officer Steve Clark said the first alert came last Tuesday, when he was notified that card information on 270 members had been accessed in the security breach. The next day, 100 more accounts were added to the tally, and by Tuesday of this week the number was more than 3,000.
“It’s frustrating,” Clark said. “As a player in the credit card industry, we’ve purchased the best enhancements to create and monitor security.” He stressed that while security has been compromised, there has been no recent evidence of fraudulent activity in Bangor Federal Credit Union accounts, though problems reported last fall may have been related to the Heartland breach.
Affected accounts have been blocked until new cards can be issued, Clark said. The process takes 10 to 14 days.
“This is not about Bangor Federal Credit Union,” Clark said. The problem is affecting the entire banking industry, credit card issuers and even flexible health spending accounts, he said. Clark’s own accounts have been breached, he added.
Breen said it is still safer to use debit and credit cards than to carry or mail cash or checks, and that banks, including Bangor Savings Bank, have invested heavily in computer software to detect and prevent fraudulent activity.
“This is just kind of a fact of modern life, unfortunately,” he said.
The financial industry is stressing the importance of consumers’ role in identifying security breaches.
“Be vigilant, know what your account should look like and watch for all types of activity,” Clark said. “Be vigilant, be looking at your accounts online or via the telephone, and watch your monthly statements.” Any suspicious activity should be reported immediately to the appropriate financial institution.
On the Web: www.2008breach.com