The Contra Costa Community College District (CCCCD) recently learned that a company
they use to process credit and debit card transactions has been affected by a security
breach. The company, Heartland Payment Systems, is one of the largest payment card
processors in the United States, handling approximately 100 million transactions each
month for 250,000 different merchants. If you have used a credit or debit card to
make purchases at any of the district's three colleges, your credit or debit card
account information may have been exposed to the Heartland breach.
What purchases at CCCCD are affected? Online fee payments, telephone fee payments, and purchases at the college bookstores
are all processed by Heartland Payment Systems.
What information was stolen from Heartland? Thieves were able to steal card numbers, card expiration dates, card CVV numbers (the
three-digit code on the signature strip on the back of your card) and cardholder names.
This is enough information to produce a duplicate card to charge purchases to your
Was my address or Social Security Number compromised? NO. Addresses, Social Security Numbers, telephone numbers, and debit card PIN codes were
not compromised. Note: without the cardholder's billing address, it would be difficult
for the thieves to make online or telephone purchases, since most merchants verify
the cardholder's billing address for such transactions.
Do I need to worry about identity theft? Will the thieves try to open new accounts
or loans in my name? The Heartland breach only exposes the card account details for specific credit or debit cards processed through
Heartland Payment Systems. Since your address and social security number were not
compromised, the Heartland breach does not increase your risk of identity theft.
When did the Heartland breach occur? Throughout 2008.
What should I do now? Watch your credit and debit card statements for any transactions you did not authorize. You will not be responsible for any fraudulent charges; you should contact your card
issuer at the telephone number on the back of your card to report any unauthorized
activity on your monthly statements.
What about my Insite account? The Heartland breach occurred within the internal systems of Heartland Payment Systems, a company CCCCD uses to process
credit and debit card transactions. There has been no breach within CCCCD systems;
Insite and all other CCCCD systems are not affected by this incident.
How can I get more information about the Heartland breach? Heartland Payment Systems has set up a special website to share information about