Robert Carr was settling in for the evening in a New York hotel on Jan. 12 this year when at 10:30 p.m. he got a phone call that every financial services executive dreads. Carr, CEO of Heartland Payment Systems (HPY), learned that intruders might have hacked into the company's computer network.
The next morning, his fears were confirmed. For a period starting in May 2008, cybercriminals had burrowed deeply into Heartland's network and recorded consumers' credit- and debit-card data. "That's the worst thing that can happen to a payments company and it happened to us," says Carr.