Both VISA and MasterCard are currently playing defense, alerting the public and banks across the country about a massive security breach at a third-party payment processor.
Global Payments Inc. is said to have suffered a security breach sometime between January 21st, 2012 and February 25th, 2012, resulting in the credit/debit card information of ~50,000 cardholders being stolen.
The breach was initially reported by Brian Krebs of KrebsonSecurity.com early Friday morning before being picked up by other media outlets.
According to the WSJ, the breach is currently being investigated by law enforcement and an unnamed “independent data security organization”; however, a report by Avivah Litan, a fraud analyst at Gartner, states that the breach involved a taxi and parking garage company in the New York City area.
Litan advises that anyone that has used their credit or debit card to pay for a NYC cab in the last few months keep a sharp eye on their billing statements for signs of fraud.
Both Visa and MasterCard have stated that none of their computers were accessed during the security breach, only those of Global Payments, Inc.
Anyone that is concerned about whether or not their account information was compromised in the breach are being advised to contact the bank that issued the card.
Update 3:25pm: Details are still sketchy, with some news sources citing millions were affected by the breach while others cite only around 50,000 cardholders were affected.
Either way, Global Payments, Inc. has released the following press release confirming that their systems were breached and that they will hold a conference call on April 2nd at 8 am EDT:
Global Payments Inc. (NYSE: GPN), a leader in payment processing services, announced it identified and self-reported unauthorized access into a portion of its processing system. In early March 2012, the company determined card data may have been accessed. It immediately engaged external experts in information technology forensics and contacted federal law enforcement. The company promptly notified appropriate industry parties to allow them to minimize potential cardholder impact. The company is continuing its investigation into this matter.
It is reassuring that our security processes detected an intrusion. It is crucial to understand that this incident does not involve our merchants or their relationships with their customers,” said Chairman and CEO Paul R. Garcia.
Global Payments will hold a conference call Monday, April 2, 2012 at 8:00 AM EDT. Callers may access the conference call via the investor relations page of the Company’s Web site at www.globalpaymentsinc.com by clicking the “Webcast” button; or callers in North America may dial 1-888-895-3550 and callers outside North America may dial 1-706-758-8809. The pass code is “GPN.”