General Information | Student Resources | Instructional Programs | Campus Life | Community | Site Index | Home |

release header

February 9, 2009


Peggy Cartwright
Director of Marketing and Public Relations

Melanie Siddiqi
Director, Administrative Systems

For Immediate Release


The Chaffey Community College District recently learned that a company used to process our credit card transactions has been affected by a security breach. The company, Heartland Payment Systems, is one of the largest payment card processors in the United States, handling approximately 100 million transactions each month for 250,000 different merchants.

Given the national scope of this incident, you may have already learned some information about it from the media or from other organizations/companies where you have used your credit cards. We want you to know how your credit card purchases at our college might have exposed your credit card accounts to the Heartland breach, and what steps you should take to protect yourself.

1. What credit card transactions at Chaffey College are affected?
Online fee payments, in-person fee payments, and telephone fee payments are all
processed by Heartland Payment Systems.

2. What about my My ChaffeyVIEW account?
The Heartland breach occurred within the internal systems of Heartland Payment Systems, a company Chaffey College uses to process credit card transactions. There has been no breach whatsoever within Chaffey College’s systems: My ChaffeyVIEW, Datatel/Colleague, and all other Chaffey College systems are not at all affected by this incident.

3. How does Chaffey protect my personal information?
The credit card information that Chaffey transmits when payments are made is fully encrypted using 128-bit encryption; the current standard and highest level of data encryption that presently exists.

4. What information was stolen from Heartland?
Thieves were able to steal card numbers, card expiration dates, card CVV numbers (the three-digit code on the signature strip on the back of your card,) and cardholder names. This is enough information to produce a duplicate card to charge purchases to your account.

5. Was my address or Social Security Number compromised?
NO. Addresses, Social Security Numbers, and telephone numbers were not compromised. Note that without the cardholder's billing address, it would be difficult for the thieves to make online or telephone purchases, since most merchants verify the cardholder's billing address for such transactions.

6. Do I need to worry about identity theft? Will the thieves try to open new accounts or loans in my name?
The Heartland breach only exposes the card account details for specific credit or debit cards processed through Heartland Payment Systems. Since your address and Social Security Number were not compromised, the Heartland breach does not increase your risk of identity theft.

7. When did the Heartland breach occur?
Throughout 2008.

8. What should I do now?
Check your credit and debit card statements for any transactions you did not authorize. You will not be responsible for any fraudulent charges. If you see suspicious activity contact your card company at the telephone number on the back of your card.

9. How can I get more information about the Heartland Breach?
Heartland Payment Systems has set up a special website to share information about the breach. The site is:

- 30 -