Global Payments Inc., a provider of payment processing services, previously announced that it had identified and self-reported unauthorized access into its processing system.
Based on the investigation to date, the company continues to believe that a limited portion of its North American card processing system was affected. As discussed in an earlier announcement, the company's continuing forensic investigation confirms that actual card numbers that may have been exported did not exceed 1,500,000. The company has, however, provided a larger quantity of card numbers to industry brands to enable them to proactively monitor cardholder activity. The evidence continues to indicate that the potential card exportation was limited to Track 2 data.
The company's ongoing investigation recently revealed potential unauthorized access to servers containing personal information collected from a subset of merchant applicants. It is unclear whether the intruders looked at or took any personal information from the company's systems; however, the company will notify potentially-affected individuals in the coming days with helpful information and make available credit monitoring and identity protection insurance at no cost. The notifications are unrelated to cardholder data and pertain to individuals associated with a subset of the company's U.S. merchant applicants.
The company believes that this incident is contained. The company has made substantial progress in its investigation and remediation efforts and plans to provide additional information regarding the potential financial impact, the PCI compliance process and the status of the investigation not later than itsJuly 26, 2012 year-end earnings call.
Paul R. Garcia, chairman and CEO ofGlobal Payments, said in a prepared statement, "We sincerely apologize for this incident and are working diligently to conclude our investigation. We are committed to fully resolve any issues arising from this matter and we, of course, continue to provide uninterrupted transaction processing for our customers worldwide."
Additional information is available at www.2012infosecurityupdate.com.