Visa and MasterCard Investigate Data Breach

Excerpt from an article in

The New York Times

Saturday, March 31, 2012

Visa and MasterCard Investigate Data Breach

By JESSICA SILVER-GREENBERG and NELSON D. SCHWARTZ

Visa and MasterCard are investigating whether a data security breach at one of the main companies that processes transactions improperly exposed private customer information, bank officials said Friday. The event highlighted a crucial vulnerability that could affect millions of credit card holders.

The breach occurred at Global Payments, an Atlanta company that helps Visa and MasterCard process transactions for merchants. One bank executive estimated that about one million to three million accounts could be affected. That does not mean that all those cards were used fraudulently, but that credit card information on the cardholders was exposed.

The bank official, who insisted on anonymity because the inquiry is at an early stage, said that Visa and MasterCard notified his company on Thursday, but that banks had been frustrated with the pace of disclosure by Global Payments. He said that Global Payments, which is one of the biggest transactions processors, had provided little information on where the breaches took place, how accounts were hacked and other details that could indicate which customers might be vulnerable.

Banks said that when they could identify victims, they would notify them and replace credit cards, if necessary.

While far from the largest breach of credit card data in recent years, the latest incident, which is being investigated by major banks and federal authorities as well as the card companies, underscores concerns about the vulnerability of electronic financial data.