We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,796 News Articles

Merchant information may have been stolen from Global Payments

Hackers had access to servers hosting personal information of merchant applicants, Global Payments said

Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments.

"We have recently learned of potential unauthorized access to servers containing personal information from a subset of merchant applicants," Paul Garcia, Global Payments' chairman and CEO, said during a conference call with shareholders on Tuesday.

It's not clear whether the attackers actually accessed or copied the merchant data stored on the server, Garcia said. "However, we are notifying certain individuals in the U.S. whose personal information may have been subject to access."

Affected individuals will be offered free credit monitoring services and identity protection insurance of US$1 million. The three U.S. major credit reporting agencies have also been advised about the incident, Garcia said.

Garcia declined to share an exact number of individuals potentially affected by the unauthorized access to servers that contained merchant data, citing an ongoing process of analyzing that information.

Back in April, Global Payments announced that hackers managed to break into its payment processing system and stole Track 2 data corresponding to almost 1.5 million credit and debit cards. Track 2 data includes account numbers and card expiration dates, but not cardholder names or Social Security numbers.

The data breach is still being investigated by security experts and law enforcement authorities. The unauthorized access to servers containing merchant data was uncovered as a part of that investigation.

Following the incident, some of the credit card brands removed Global Payments from their lists of service providers compliant with the payment card industry data security standard (PCI-DSS). The company has hired an independent security assessor to review its security procedures and plans to reapply for certification once that audit is complete.

The company did not specify what kind of personal details were potentially exposed by the newly discovered breach. However, the latest notifications are unrelated to cardholder data, Amy W. Corn, Global Payments' senior vice president of marketing and corporate communications, said via email.


IDG UK Sites

Samsung Galaxy Alpha vs iPhone 5S comparison review: Metal smartphones fight

IDG UK Sites

Gateway to your kingdom: why everybody should check and update their broadband router

IDG UK Sites

Fonts review

IDG UK Sites

Best Mac? Complete Apple Mac buyers guide for 2014