U.S. Data Theft Involved 1.5M Credit, Debit Cards

As many as 1.5 million credit card and debit card numbers – from Visa, MasterCard and other brands – may have been stolen from the Atlanta-based, third-party payments processor Global Payments, the company said in a statement.
Sometime in early March, Global Payments said it discovered the data breach and quickly notified authorities and industry contacts.
While 1.5 million card numbers may have been hacked, “cardholder names, addresses and social security numbers were not obtained by the criminals,” the company said.
“Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained,” Global Payments said.
The company said it is working with industry third parties, regulators and law enforcement to “minimize potential cardholder impact.”  It has also hired information security and forensics firms to investigate the theft.
“We are making rapid progress toward bringing this issue to a close … We are open for business and continue to process transactions for all of the card brands,” said Chairman and CEO Paul R. Garcia.
News of the incident broke late last week after the security blog KrebsonSecurity.com reported that Visa and MasterCard described the data breach as “massive” and could involve millions of compromised card numbers.
In separate alerts sent out last month, Visa and MasterCard started warning banks about specific cards that may have been compromised. The alerts were not made public at the time. The breach reportedly occurred between Jan. 21, 2012 and Feb. 25, 2012.
“Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards,” Visa said in a statement.
MasterCard said in a statement that law enforcement has been notified of the matter and an “independent data security organization” is conducting an ongoing forensic review.

Leave a Reply

Your email address will not be published. Required fields are marked *