MasterCard said it is investigating a possible breach of cardholder data, and informing customers that their accounts may be at risk, according to a report by the Wall Street Journal.
Security expert Brian Krebs first noted the breach, noting that both MasterCard and Visa had issued "non-public alerts" warning of a possible compromise could lead to counterfeit cards and account breaches.
A third-party U.S. based processor is thought to be the source of the breach. MasterCard was quick to note that its "own systems have not been compromised in any manner".
Law enforcement has been contacted and an "independent data security organisation" is conducting a forensic inquiry.
"Affected banks are now starting to analyze transaction data on the compromised cards, in hopes of finding a common point of purchase. Sources at two different major financial institutions said the transactions that most of the cards they analyzed seem to have in common are that they were used in parking garages in and around the New York City area."
The payment processing giant declined to comment on how many accounts or cards may be affected.
Both MasterCard and Visa process payments on behalf of banks which issue customers with their credit and debit cards.