A data breach at payments processing firm Global Payments Inc. may have compromised payment card information from multiple major card brands.
MasterCard and Visa are warning card-issuing institutions about the breach that could prove to be the largest incident since the Princeton, N.J.-based company Heartland Payment Systems breach. This latest breach could potentially affect more than 10 million cards.
According to several publications, Visa and MasterCard started alerting institutions last week about cards compromised by a processor breach. The card associations reported that the breached credit card processor was compromised between Jan. 21, 2012, and Feb. 25, 2012 and that full Track 1 and Track 2 data was taken—meaning that the information could be used to counterfeit new cards.
In a statement issued March 30, Global Payments said it "identified and self-reported unauthorized access into a portion of its processing system. In early March 2012, the company determined card data may have been accessed. It immediately engaged external experts in information technology forensics and contacted federal law enforcement. The company promptly notified appropriate industry parties to allow them to minimize potential cardholder impact. The company is continuing its investigation into this matter."
CUNA has confirmed that Visa and MasterCard are notifying card-issuing credit unions and banks of a possible massive data breach involving Atlanta-based Global Payments Inc.
Visa Inc. told CUNA that it "is aware of a potential data compromise incident at a third party entity affecting card account information from all major card brands. There has been no breach of Visa systems, including its core processing network VisaNet."
More information on this breach and access to security tips is available in CUNA’s News Now Report found here.