MasterCard investigates credit card data breach

MasterCard investigates credit card data breach

Summary: MasterCard is looking into a possible break-in at one of its credit card data processors that could have exposed the personal details of tens of thousands of people.On Friday a source close to the investigation told ZDNet UK that the data processor under investigation was Global Payments Inc.

SHARE:
TOPICS: Security
0

MasterCard is looking into a possible break-in at one of its credit card data processors that could have exposed the personal details of tens of thousands of people.

On Friday a source close to the investigation told ZDNet UK that the data processor under investigation was Global Payments Inc.

However, MasterCard declined to comment on the identity of the company under scrutiny.

"MasterCard is currently investigating a potential account data compromise event of a US-based entity and, as a result, we have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk," the company said in a statement on Friday.

The number of UK and European MasterCard customers affected by the breach was likely to be outweighed by US customers, a MasterCard representative told ZDNet UK.

"It's a US-based processor — I would see the majority of this taking place in the US," said the representative.

Visa and MasterCard have been warning banks about the breach, according to security journalist Brian Krebs. Up to ten million people could have been affected by the breach, which occurred between 21 January and 25 February, 2012. Enough data to counterfeit credit cards was stolen, according to Krebs.

However, Bloomberg revised the number of affected people down on Friday, saying that around 50,000 people could have been affected by the breach, and that Global Payments had ceased trading due to the investigation.

The MasterCard representative declined to comment on the scale of the breach.

"MasterCard is concerned whenever there is any possibility that cardholders could be inconvenienced and we continue to both monitor this event and take steps to safeguard account information," said the company statement. "If cardholders have any concerns about their individual accounts, they should contact their issuing financial institution.

"Law enforcement has been notified of this matter and the incident is currently the subject of an ongoing forensic review by an independent data security organization. It is important to note that MasterCard's own systems have not been compromised in any manner."

Visa Europe declined to comment on possible effects on European customers, and directed ZDNet UK to Visa.com in the US. Visa.com had not responded to repeated requests for comment at the time of writing. Global Payments Inc had not responded to requests for comment at the time of writing. The Wall Street Journal had also not received comment at the time of writing from Global Payments Inc.

ZDNet UK understands that Global Payments Inc is due to make a statement on Monday.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion