Categories: SecurityWorkspace

Global Payments: Breach Hit Less Than 1.5m Credit Cards

Fewer than 1.5 million credit cards were affected by a security breach reported on Friday, according to Global Payments (GPN), the bankcard payment processor affected by the incident.

On Friday security journalist Brian Krebs reported that MasterCard and Visa sent “non-public alerts” to banks in the US earlier in March regarding a breach. Krebs’ report speculated the incident may have involved more than 10 million card numbers, citing unnamed sources in the financial sector. Later in the day GPN acknowledged that it was the processor involved.

North America affected

The breach took place between 21 January and 25 February, according to the alerts sent by Visa and MasterCard.

GPN acknowledged that “less than 1,500,000” card numbers may have been “exported” by criminals, with the numbers involved all from North America.

The information stolen included card numbers, but not the names, addresses or social security numbers of cardholders, according to GPN. Friday’s report had suggested the breach may have involved full card details, including both Track 1 and Track 2 data, which would have allowed cards to be counterfeited.

“Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained,” the company said in a statement.

GPN, whose shares were halted following the report, said it remained open for business and is working with regulators and law enforcement to limit the incident’s impact on cardholders.

“We are making rapid progress toward bringing this issue to a close,” stated GPN chairman and chief executive Paul Garcia.

Over the weekend, Visa distanced itself from GPN, removing the company from its list of compliant service providers, according to the Wall Street Journal. The company said it has asked GPN to revalidate its compliance with the Payment Card Industry Data Security Standard (PCI DSS).

Visa and MasterCard said on Friday there had been no breach of their own systems. Visa said it has provided payment card issuers with the affected account numbers, enabling them to take appropriate action to protect consumers.

How well do you know Internet security? Try our quiz and find out!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

2 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

3 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

3 days ago