June 19, 2021

Global Payments Says 1.5M Card Details Exposed in Unauthorized System Access

(LiveHacking.Com) – Over the weekend VISA and MasterCard started alerting banks across the USA about a major security breach at a  credit card processor. Initial reports said that as many as 10 million credit card numbers were exported, including Track 1 and Track 2 information, raising fears of massive credit card cloning.  Shortly after the news broke, Atlanta-based processor Global Payments confirmed, via a press release, that it was the payment processor which had suffered the  unauthorized access into its processing system.

The company says that the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers (not 10,000,000 as initially reported). Its investigation has revealed that Track 2 card data may have been stolen, but that cardholder names, addresses and social security numbers were not obtained by the criminals.

“We are making rapid progress toward bringing this issue to a close.  Our nearly 4,000 employees around the world are focused on providing exceptional service. We are open for business and continue to process transactions for all of the card brands,” said Chairman and CEO Paul R. Garcia.

Security expert Brian Krebs was one of the first to reveal details of the breach on his blog but initially he was unable to name Global Payments as the victim. VISA has now dropped support for Global Payments and added that “Visa Inc. is aware of a potential data compromise incident at a third party entity affecting card account information from all major card brands. There has been no breach of Visa systems, including its core processing network VisaNet.”

PSCU, which provides online financial services to credit unions, issued a security alert to its members after it was contacted by Visa. The alert reported that 46,194 of the compromised Visa card numbers belonged to PSCU customers, and that the breach lasted from Jan. 21 to Feb. 25.

Since Track 1 and Track 2 data was exposed, the thieves could use the stolen information to counterfeit new cards. For an explanation of the meaning of Track 1 and Track 2 data see here.

The origin of the attack is, as yet, unknown.