Visa, MasterCard confirm credit card security breach

Visa, MasterCard confirm credit card security breach

Summary: Both Visa and MasterCard have confirmed they have warned U.S. banks that a credit card processor was reportedly breached. Both firms say their own security systems were not compromised.

TOPICS: Security

Update: Up to 1.5 million Visa, MasterCard credit card numbers stolen

News broke today that Visa and MasterCard have reportedly warned banks of a major potential breach at a U.S.-based credit card processor (see Visa, MasterCard warn of 'massive' security breach and Analysts on Visa, MasterCard credit card security breach). Both Visa and MasterCard have now confirmed the breach, although the two also emphasize their own security systems were not compromised.

First off, here's Visa's statement:

Visa Inc. is aware of a potential data compromise incident at a third party entity affecting card account information from all major card brands. There has been no breach of Visa systems, including its core processing network VisaNet.

Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards.

It's important for U.S. Visa consumer cardholders to know they are protected against fraudulent purchases with Visa's zero liability fraud protection policy, which exceeds federal safeguards. As always, Visa encourages cardholders to regularly monitor their accounts and to notify their issuing financial institution promptly of any unusual activity. Additional consumer security tips are available at

Every business that handles payment card information is expected to protect the security and privacy of their customers' financial information by adhering to the highest data protection standards. Visa also supports advanced security layers such as encryption, tokenization and dynamic authentication through EMV chip technology to further protect sensitive account information and minimize the impact of data compromises.

Here is MasterCard's statement:

MasterCard is currently investigating a potential account data compromise event of a U.S.-based entity and, as a result, we have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk. Law enforcement has been notified of this matter and the incident is currently the subject of an ongoing forensic review by an independent data security organization.

Alerts sent out to U.S. banks late last week advised them that certain cards may have been compromised, and that full Track 1 and Track 2 data was taken, which means perpetrators got enough to counterfeit new cards. The breach, which is believed to have occurred between January 21 and February 25, 2012, may involve more than 10 million compromised card numbers.

Update: Up to 1.5 million Visa, MasterCard credit card numbers stolen

See also:

Topic: Security

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Any idea...

    who this third party that got breached was? Moneris?
  • Here in CA

    There were instances of CC info theft from gas pump scanner units. Mastercard was involved. Anyone know who supplies Von's pump HW/SW?
  • System was probably running Windows

    Tsk tsk.
    • Server 2003 running XP clients on it's last legs

      Can you say, BOILER ROOM?

      • The fact that they were hacked

        proves they where running Linux, as we've been told here many times, mission criticle runs on Linux
        Global Paymenst uses Windows servers for just there standard user info site, whic redirects to a "secure" Linux server.
        William Farrel
      • Oh look, Wilie's back...

        Ready to spread more FUD about an OS he's never used.
  • GPN Insider

    "Global Payments has a history of negligence within their security posture by upper management for years. This breach, despite the reported small size of it at this moment, doesn't detail the overall risk exposure that this company has let mushroom for several years." They will be hacked again...
  • You must see

    &#x1E41;y be&#x15B;&#x74; f&#x72;ien&#x10F;'&#x15B; &#x125;a&#x6C;f-&#x15A;i&#x15B;&#x74;e&#x154; &#x1E40;ake&#x15B; $85 an &#x125;ou&#x72; on &#x74;&#x125;e co&#x1E40;pu&#x74;e&#x154;. &#X15A;&#x125;e &#x125;a&#x15B; been fi&#x72;e&#x10F; fo&#x72; 10 &#x1E41;on&#x74;&#x125;&#x15B; bu&#x74; &#x6C;a&#x15B;&#x74; &#x1E41;on&#x74;&#x125; &#x125;e&#x154; c&#x125;eck &#x57;a&#x15B; $8267 ju&#x15B;&#x74; &#x57;o&#x72;king on &#x74;&#x125;e co&#x1E40;pu&#x74;e&#x154; fo&#x72; a fe&#x57; &#x125;ou&#x72;&#x15B;. &#X154;ea&#x10F; &#x1E41;o&#x72;e on &#x74;&#x125;i&#x15B; &#x15B;i&#x74;e... <b>LazyCa&#x73;h1.&#x63;&#x6F;&#x6D;<b>
  • Wow..mine was compromised...

    I just typed in info about stolen credit card because someone just used my card 3 hours ago in California and I live in Georgia...Someone took over 3,000 on my account from Walmart and Ralph's. I just cancelled my info..
    • do you have credit card to sell

      david pulman