Global Payments: Security Breach Exposed Merchant Data

Atlanta-based, third-party payments processor Global Payments said it has uncovered unauthorized access to its servers containing personal information collected from merchant applicants.
In its original discovery of the data breach from earlier this year, Global Payments said as many as 1.5 million credit card and debit card numbers – from Visa, MasterCard and other brands – had been stolen.
The company is sticking to that number in its latest statement issued Tuesday. It still insists that no personal information, including cardholder names, addresses and social security numbers, was obtained by the hackers.
However, the breach now seems to have been deeper than Global Payments first thought.
Global Payments discovered that the data thieves also might have broken into computers storing the personal data of merchants applying to have their sales processed. The company does not know if the exposed merchant data was stolen.
Global Payments stores names, addresses, Social Security numbers, drivers’ license numbers and banking account numbers of merchants, according to the company’s regulatory filings.
“It is unclear whether the intruders looked at or took any personal information from the Company’s systems; however, the Company will notify potentially-affected individuals in the coming days with helpful information and make available credit monitoring and identity protection insurance at no cost,” Global Payments said.
The company said the incident is “contained” and that it has made progress in its investigation and remediation efforts.
In separate alerts sent out in late March, Visa and MasterCard warned banks about specific cards that may have been compromised.

Leave a Reply

Your email address will not be published. Required fields are marked *