A security breach earlier this year at Sandy Springs-based Global Payments has hit other parts of the payment processor's network than what was previously disclosed. But the number of affected individuals appears to be the same.
In a conference call Tuesday, Global executives said hackers might have accessed the personal information of an unknown number of merchants.
In late March, the credit and debit card processor acknowledged its systems had been breached and about 1.5 million account numbers had been compromised. The Social Security numbers, names and addresses of the cardholders, however, had not been obtained by thieves.
Global said Tuesday its investigation has confirmed the number of consumer accounts exported “did not exceed” 1.5 million, though Global has provided “a larger quantity of card numbers” to banks so that they can monitor accounts.
It now appears the perpetrators also gained access to personal information of individuals who applied to Global to process payments for their businesses.
Global said it was unclear if the thieves actually acquired the merchants’ personal information, but the company will soon notify affected people and provide credit monitoring and identity theft insurance.
Global Chairman and CEO Paul Garcia told analysts on a conference call that he was “outraged” by the criminal activity and apologized to consumers, customers and shareholders. The company’s investigation continues and Global is cooperating in a federal investigation.
Garcia said he believes the breach is contained.
Card giants Visa and MasterCard dropped Global from their respective lists of processors in compliance with industry data security standards in the wake of the incident. The company continues to process transactions for those card companies, and is attempting to regain security compliance.
Global processes billions of transactions each year — including credit and debit cards, gift cards and checks — at more than 1 million places worldwide, according to the company’s website.
Global has not said how much, if any, fraudulent charges have been made to affected consumer accounts.
The company said it is not yet able to disclose how much the breach has cost it, though Garcia described the potential financial impact as “manageable.” He said the company would provide more information on the financial impact to Global in its fiscal year-end earnings call next month.
Gerri Detweiler, director of consumer education at Credit.com, recommends consumers put a fraud alert with the major credit bureaus – Equifax, Experian and TransUnion – if they are concerned their information has been obtained.
Merchants potentially impacted by in this latest revelation could be tempting targets if fraudsters obtained their information, she said.
“If I were one of those merchants I’d definitely keep close tabs on my business [and personal] finances,” she said.
----
For more information
Global has set up a website with information about the breach at www.2012infosecurityupdate.com.
About the Author
