Categories: SecurityWorkspace

Global Payments: Breach Hit Less Than 1.5m Credit Cards

Fewer than 1.5 million credit cards were affected by a security breach reported on Friday, according to Global Payments (GPN), the bankcard payment processor affected by the incident.

On Friday security journalist Brian Krebs reported that MasterCard and Visa sent “non-public alerts” to banks in the US earlier in March regarding a breach. Krebs’ report speculated the incident may have involved more than 10 million card numbers, citing unnamed sources in the financial sector. Later in the day GPN acknowledged that it was the processor involved.

North America affected

The breach took place between 21 January and 25 February, according to the alerts sent by Visa and MasterCard.

GPN acknowledged that “less than 1,500,000” card numbers may have been “exported” by criminals, with the numbers involved all from North America.

The information stolen included card numbers, but not the names, addresses or social security numbers of cardholders, according to GPN. Friday’s report had suggested the breach may have involved full card details, including both Track 1 and Track 2 data, which would have allowed cards to be counterfeited.

“Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained,” the company said in a statement.

GPN, whose shares were halted following the report, said it remained open for business and is working with regulators and law enforcement to limit the incident’s impact on cardholders.

“We are making rapid progress toward bringing this issue to a close,” stated GPN chairman and chief executive Paul Garcia.

Over the weekend, Visa distanced itself from GPN, removing the company from its list of compliant service providers, according to the Wall Street Journal. The company said it has asked GPN to revalidate its compliance with the Payment Card Industry Data Security Standard (PCI DSS).

Visa and MasterCard said on Friday there had been no breach of their own systems. Visa said it has provided payment card issuers with the affected account numbers, enabling them to take appropriate action to protect consumers.

How well do you know Internet security? Try our quiz and find out!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

OpenAI In Talks With California Over For-Profit Shift

OpenAI reportedly begins early talks with California attorney general over complex transition from nonprofit to…

3 hours ago

EU To Assess Apple’s iPad Compliance Plans

European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…

4 hours ago

James Dyson Says ‘Spiteful’ Budget Will Kill Start-Ups

James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…

4 hours ago

Nvidia, Meta Ask Supreme Court To Axe Investor Lawsuits

Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…

5 hours ago

Nvidia To Replace Intel On Dow Jones Industrial Average

Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…

5 hours ago

Toyota-Backed Joby Flies ‘Air Taxi’ In Japan

Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…

6 hours ago