Three men in Tallahassee, Fla. were arrested last week on fraud charges related to the massive Heartland Payment Systems data breach that came to light in January.

Timothy Johns, Jeremy Fisher and Tony Acreus are accused of using credit card information stolen from Heartland, a credit card processing company, to electronically encode Visa gift cards. They used the cards to buy goods from Wal-Mart stores in the Tallahassee area, and then sold the purchases for cash.

The arrests are the result of a three month investigation conducted by the U.S. Secret Service, Tallahassee Police Department and the Leon County Sheriff’s Office. The suspects have been charged with multiple charges of grand theft and fraud. The investigation is continuing and will likely result in more arrests and reveal losses much higher than the $100,000 already discovered.

Heartland Payment Systems processes credit card payments for more than 4 billion credit card payments for more than 250,000 businesses nationwide. Heartland has refused to disclose the number of credit card accounts lost to the hackers, but security experts believe the total will probably dwarf the TJX data breach which, till now, held the dubious distinction of being the largest data breach in history with the account information of 45.7 million credit and debit cards stolen.

Visa and MasterCard notified Heartland of suspicious transactions last fall, but an internal investigation conducted by Heartland failed to find the malware installed by the hackers.