Yesterday we’ve learned that MasterCard and Visa were alerting banks that a major processor has suffered a data breach. As it turns out, the victim of the breach is Global Payments Inc., a company that provides electronic transaction services worldwide.
In a press release made a few hours ago, Global Payments representatives reveal that in early March 2012 they discovered that someone breached part of its processing system, gaining access to credit card data.
As soon as the incident came to light, the company alerted federal law enforcement and experts from the IT forensics sector to assess the full extent of the hack.
“It is reassuring that our security processes detected an intrusion. It is crucial to understand that this incident does not involve our merchants or their relationships with their customers,” said company Chairman and CEO Paul R. Garcia.
Avivah Litan, a distinguished analyst at Gartner, informs that according to rumors, a Central American hacker group is responsible for the breach.
“I heard (and this may not be factual) that the crime was perpetrated by a Central American gang that broke into the company’s system by answering the application’s knowledge based authentication questions correctly. Looks like the hackers took over an administrative account that was not protected sufficiently,” Litan wrote.
Security journalist Brian Krebs, the one that first reported the incident, also cites two reliable sources as saying that the perpetrators are connected to Dominican street gangs from the New York City area.
Furthermore, Krebs learned that the main target of this operation may have been commercial credit and debit cards.
Visa also rushed to issue a statement to reassure customers that their systems were not breached.
In the meantime, while Global Payments handles the matter with the banks and merchants that relied on its services, cardholders are advised to keep an eye out for any fraudulent transactions.