Hackers breach credit processor, thousands of cardholders at risk

By on March 30, 2012, 6:32 PM

Hackers swiped the financial data of thousands of people in a security breach earlier this year, according to reports by Brian Krebs and The Wall Street Journal. Global Payments Inc., an Atlanta-based processing firm that serves as a middleman between merchants and banks, discovered shady activity in early March, though the break-in is suspected to have occurred between January 21 and February 25.

Global Payments quietly alerted others in the financial industry last week, but it seems to have delayed public acknowledgment until word trickled out this morning. The outfit may have wanted to break the news after its quarterly earnings statement on April 4. Its late afternoon press release is scarce on details, but the company is expected to share more information in a conference call on Monday at 8:00AM EDT.

It's unclear what was swiped and how many people are affected. PSCU, a provider of online financial services to credit unions, warned 482 of its clients that 56,455 Visa and MasterCard accounts were compromised, with 876 accounts showing fraudulent activity. That's only a snapshot of the potential damage, according to Krebs. The WSJ reports that hundreds of thousands of cardholders may be at risk.

Avivah Litan, a veteran Gartner analyst specializing in financial fraud, spoke with folks in the credit card industry who are seeing signs of the breach's impact. Litan's sources also claim that the crime was committed by a Central American gang who infiltrated Global Payments' system by correctly answering authentication questions on a poorly secured administrative account. Again, this information is unconfirmed.

Visa and MasterCard promptly announced that their networks weren't compromised. Along with various ongoing internal investigations, the US Secret Service and an unnamed forensic company are looking into the case. Credit firms are monitoring accounts for unusual activity and depending on the severity of the situation, they may issue new cards. Keep an eye on your financial statements in the meantime.




User Comments: 18

Got something to say? Post a comment
Guest said:

Which is why I prefer to pay with cash for EVERYTHING.

Guest said:

Its not always possible to pay by cash especially if you are buying items online, ebay, etc...

TomSEA TomSEA, TechSpot Chancellor, said:

My Bank of America VISA was part of this group only no fraudulent activity occurred. I only found out because I tried to use my card yesterday and the charge was denied - very embarrassing. Contacted the bank to find out what was going on and they mentioned mine was a part of a large group of cards that had been compromised and that they had already mailed out a replacement card. I was pretty pissed - "well if you guys knew this and had already mailed out a replacement, how come you didn't inform me so I wouldn't have tried making purchases on my old card??" ******...

Guest said:

Fight club ; project mayhen ,lol

tengeta tengeta said:

using cash is easier and safer, but when you live in a garbage part of your town like i do there aren't any atm's in the area. the three that existed got stolen years ago.

treetops treetops said:

tengeta said:

using cash is easier and safer, but when you live in a garbage part of your town like i do there aren't any atm's in the area. the three that existed got stolen years ago.

damn dude thats extra ghetto, every other gas station has one inside around here, im few miles from a really ghetto town and a decent town

@ article, since I got a really nasty virus last week iv been afraid to log into my bank account or even deposit a new check, I almost wish banks would go back to filing cabinets, i need to change my pass just in case, sigh

penn919 said:

tengeta said:

using cash is easier and safer, but when you live in a garbage part of your town like i do there aren't any atm's in the area. the three that existed got stolen years ago.

How do you steal an atm? wtf

madboyv1, TechSpot Paladin, said:

penn919 said:

tengeta said:

using cash is easier and safer, but when you live in a garbage part of your town like i do there aren't any atm's in the area. the three that existed got stolen years ago.

How do you steal an atm? wtf

With crow bars, a couple bodies worth of muscle, and the cover of night. I've walked past the hole in which an ATM used to be in before, it's pretty impressive to say the least, though depending on the age of the building and the ATM, the thing might not even be bolted down.

MrTomTom said:

Prepaid Mastercard.

Guest said:

Online - I use credit cards with a very low limit only

Offline - I have a RFID blocking wallet because criminals can get a person's credit card info just by sitting around with a crude handmade device

Guest said:

Oracle for today:

This is just a preview of how digital info and digitally powered "anything" still succumb to Human power-as does ething on this physical realm. Just think; Google wants to drive our cars with us as passengers and some robot driving. Our CC #'s which is theoretical info, aren't even integral; is it expected that any other -public-automation is exempt from |337 5|<!1Iz hrmmm?? Too fast in the WRONG direction is where society is being led by greedy shepherds. Wake the **** up people really.....really.

Tygerstrike said:

What scares me is the fact that they dont really know how many cards were compromised. That only makes me nervous. What makes it even worse is they didnt catch anyone!! If I were to go rob a bank, I would leave tons of forensic evidence at the scene of the crime. Hacking doesnt even give the authorities that much info. If the hackers were smart enough to break into the PCI network, then they prolly wont catch them until they make a mistake.

Guest said:

and so comes the mark of the beast...

Guest said:

"How do you steal an atm? wtf "

thats the easy part. the hard part would be getting the money out.

MilwaukeeMike said:

56,000 compromised cards? that's like what .001%. Anyway... credit card companies are very fast to call you if suspicious activity shows up, or turn your card off altogether. And if someone does get a purchase through, they won't blame you anyway.

I once got cheated on ebay.... ebay did nothing, 4square didn't help... but my CC company refunded all my money.

avoidz avoidz said:

I read the early numbers were more like 10 million credit card numbers compromised. And Stage 1 and Stage 2 information was taken, which they say is enough to clone cards. Some have already been used.

Guest said:

Don't worry - they couldn't get the security codes, so they have to try multiple combinations for each card. This will probably slow em down unless they have a large network of computers to make paralel queries.

Guest said:

Last month i was missing half a milion! ('bout a hundred U.S dollars), Bank replaced it

Today they got 200 grand (40 U.S bucks), n i was shoppin with my gurl! :(

I wanna hack Visa's too :( or yank out an ATM with a Toyota Hilux or sum'n. lol

-SnapDragon

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.