Global Payments financial hit over breach likely manageable

The payment processor blamed for a Visa and Mastercard data breach is expected to absorb any costs, analysts say.
Written by Larry Dignan, Contributor

Global Payments, the processor blamed for a Visa and Mastercard data breach last week, is likely to be able to manage its financial hit related to beefing up security.

In a statement, Global Payments confirmed that 1.5 million accounts may have been exported, but the attack was confined to North America.

Last week, Visa and Mastercard warned banks about a data breach. See:

  • Visa, MasterCard confirm credit card security breach
  • Analysts on Visa, MasterCard credit card security breach
  • Visa, MasterCard warn of 'massive' security breach
  • Security breach extends to Global Payments card processor
  • In addition, Global Payments issued a statement confirming the data breach. Global Payments said the company's security systems picked up the threat in March and contacted law enforcements. The company will hold a conference call Monday at 8 a.m. EDT.

    It's unclear how many accounts were compromised, but 10 million is the largest reported number thus far.

    If that figure sticks, Global Payments can weather the data breach, analysts said. For instance, Wells Fargo Timothy Willi said in a research note that Global Payments, which has $300 million to $400 million in unrestricted cash, can pay for the damage.

    Willi's take, which lines up with other analysts, is based on the data breach suffered by Heartland in 2008. Heartland is another payment processor and the accounts compromised ran as high as 130 million in a breach that lasted for months. Heartland's tab to data has been $147 million.

    Given Global Payments' compromised accounts is about 10 million the tab should be lower. RBS WorldPay also had 1.5 million accounts compromised with $9 million of fraud losses.

    Jefferies analyst Jason Kupferberg also noted that Global Payments can weather the hit.

    We await more details from the company to clarify the size and potential costs associated with the breach, but we note that even if the highest estimate that we've seen (10 million accounts compromised) is true, this still pales in comparison to the Heartland breach of 2009.

    Editorial standards