Credit card and combination lock
March 31, 2012

‘Hundreds Of Thousands’ Of Card Accounts Compromised By Cyberattack

An Atlanta, Georgia-based credit and debit card processing firm confirmed on Friday that they had been the victim of a cyberattack that has reportedly put tens of thousands of accounts at risk.

According to Robin Sidel and Andrew R. Johnson of The Wall Street Journal, the full extent of the breach at the company, Global Payments Inc., had not be determined as of Friday night, and it "wasn't immediately clear" whether any cardholders had reported any fraudulent transactions on their accounts.

MasterCard and Visa had notified credit card issuers of the security breach, AP Business Writer Pallavi Gogoi said. The companies did not disclose how many customers had been affected by the cyberattack, which reportedly look place in early March, but Sidel and Johnson said that sources told them that "hundreds of thousands" of accounts may have been compromised by the hackers.

"Global Payments said it had alerted federal law enforcement and was investigating," Gogoi added. "Spokeswoman Amy Corn would not say whether cards besides Visa and MasterCard were affected."

The Wall Street Journal reported that the Global Payments had said that it "identified and self-reported unauthorized access into a portion of its processing system," and that they had "determined that card data may have been accessed." They did not specifically say exactly what type of information may have been accessed, but noted that they had contacted "appropriate industry parties to allow them to minimize potential cardholder impact."

Visa told Gogoi that accounts in the United States were not in danger, and both they and MasterCard told the Associated Press that their own systems had not been compromised by any attacks. Furthermore, as Sidel and Johnson noted, "Consumers typically aren't liable for unauthorized purchases made on their cards."

Visa also told The Wall Street Journal that the Secret Service was investigating the incident.

The Global Payments attack is the third major cyberattack of its kind in the past twelve months. In May 2011, Citigroup was hit by hackers, and the Journal reports that card numbers, names, and email addresses from more than 350,000 accounts were exposed. The month before that, an unidentified number of customer names and email addresses were accessed as part of a breach at Epsilon Data Management.

"In the past year, there have been high-profile data attacks against the International Monetary Fund, National Public Radio, Google and Sony's PlayStation Network," added Gogoi.


On the Net: