SEARCH

Entries in Global Payments (2)

Monday
Apr022012

1.5 Million Credit Card Numbers May Have Been Compromised

iStockphoto/Thinkstock(ATLANTA) -- You probably had a bigger chance of facing credit card security headaches than winning the Mega Millions lottery.

While there were just three jackpot winners, as many as 1.5 million credit card numbers may have been compromised by hackers. The latest breach came from Atlanta processing firm Global Payments, which announced on Friday unauthorized access into its processing system.

“We are making rapid progress toward bringing this issue to a close. Our nearly 4,000 employees around the world are focused on providing exceptional service. We are open for business and continue to process transactions for all of the card brands,” said Global Payments CEO Paul R. Garcia.

Visa has pulled Global Payments from a list of hundreds of firms considered to be “compliant service providers,” according to the Wall Street Journal. If you tried to pay with Visa on Sunday you may have been shut out for a while. Visa says a 45-minute outage was caused by a technical problem that’s apparently unrelated to the Global Payments breach.

Copyright 2012 ABC News Radio

Sunday
Apr012012

Credit Card Processor Hit by Hackers

Comstock/Thinkstock(NEW YORK) -- Merchants and consumers could be the big losers in the latest case of hackers cracking the complex systems used to process credit and debit card transactions.

Visa and MasterCard acknowledged Friday that they've been alerting banks about a major breach at Global Payments, an Atlanta-based payment card processing firm.

Global Payments issued a statement late Friday saying it discovered the breach in March and reported it to industry officials and the FBI. The company scheduled a press conference for Monday morning.

Gartner banking security analyst Avivah Litan says unverified reports point to a New York City street gang with Central American ties taking control of "an administrative account that was not protected sufficiently."

"I've spoken with folks in the card business who are seeing signs of this breach mushroom," says Litan.

Security blogger Brian Krebs, who broke the story, says thieves cracked into the Global Payments network between Jan. 21 and Feb. 25. He says they may have swiped more than 10 million credit and debit card transactions records. .

MasterCard issued a statement advising cardholders to contact the financial institution that issued their cards with any concerns. Visa emphasized that no Visa systems were breached.

But criminals generally don't bother highly defended systems, and look for security flaws elsewhere. "Sooner or later they find some weakness in the highly complex chain of systems that they can exploit," says Geoff Webb, of data security firm Credant Technologies.

Credit card processors have been breached before. Heartland Payment Systems lost 130 million payment card records generated by 250,000 merchants and restaurants between 2008 and 2009.

And it's not just card processors that are being targeted. Last year hackers stole payment card information for more than 100 million customers of Sony's PlayStation Network.

And earlier this year, online shoe retailer Zappos disclosed hackers took e-mail and shipping addresses, phone numbers and account passwords for some 24 million customers, data useful for identity theft.

"Any business that's capturing payment data is a target," says Mark Bower, analyst at Voltage Security.

Gangs are adept at quickly manufacturing faked debit cards to make large cash withdrawals from ATMs. In such cases the individual's cash goes missing until a theft is reported and reimbursement carried out, which can take several days.

"You should always be watching your statements for unauthorized transactions; but right now people should be extra vigilant," says Steve Coggeshall chief technology officer at ID Analytics.

Retailers are also acutely exposed. Some 46 states have now enacted data breach disclosure laws that require merchants to notify customers whose card numbers are stolen.

Many of these data loss disclosure laws impose stiff fines if notifications are not done in a timely manner, says Ted Julian, of Co3, a Cambridge, Mass.-based start-up that helps retailers manage the repercussions of credit card theft.

Massachusetts has begun levying such fines. Other states could see a windfall in fines levied against merchants who are slow to notify consumers that their payment card data, credit or debit card number is in criminals' hands. "Merchants are definitely on the hook for these state disclosures, because they are the ones who have the consumer relationship," Julian says.

Copyright 2012 ABC News Radio







ABC News Radio