It is certainly no April Fool’s joke: Global Payments really experienced a major security incident late this past week. Global Payments (GPN on the NYSE) is a fairly small company right here in Atlanta that contracts with retailers to handle the processing of credit card, debit card and gift card transactions. The WSJ reported that “word of the breach circulated on Friday after Mastercard Inc. and Visa Inc. began alerting card-issuing banks that consumer transaction data may be at risk … but Global Payments confirmed it only after the market close”. Visa also told the banks that the cards were exposed between Jan. 21 and Feb. 25.
Security analyst Brian Krebbs apparently broke the story on his blog on Friday where he stated Visa and Mastercard were alerting customers that 50,000 accounts were compromised and Saturday the WSJ reported that Global Payments was the source. This morning Global Payments is now saying (and posted on their site yesterday) that hackers stole account numbers and other key information from up to 1.5 million accounts in North America. Over the weekend, Visa removed Global Payments from its list of “compliant service providers”.
This news certainly conflicts with their “Trust in every transaction” motto and is also a blight to all such card processors.