On Friday, Visa and MasterCard notified banks that Global Payments had been hacked sometimes in January or February.
We wish it were an early April Fool’s day joke but unfortunately, the credit card security breach announced by Visa and MasterCard on Friday was very real. The credit card companies began notifying banks that consumer transaction data could be at risk due to a third-party transaction processor being breached sometime between January 21 and February 25.
Global Payments Inc. is a company based out of Atlanta, Georgia that was the victim of the data hacking attack a few months ago. However, the company didn’t realize there had been a breach until Friday, when it then notified the appropriate industry representatives to get the word out.
The company didn’t say what type of data had been accessed (whether personal information, card information, or something else) but it has been determined that information related to 1.5 million cards may have been compromised. Although the company worked with Visa and MasterCard systems, both big name companies were sure to stress that their systems were in no danger from the Global Payments network hack.
This shines some light on the complex inner workings of the U.S. credit payment system. Companies that the public will never hear about (like Global Payments) handle billions of transactions a day. The title given to companies like Global Payments is third-party processors. These third-parties serve as middle men between banks and merchants.
Although the general public may have never heard of Global Payments, the company was the seventh-largest merchant acquirer in the U.S. in 2011. Already, Global Payments is reported to have handled $120.6 billion USD in Visa and MasterCard transactions, 11% more than what the company handled last year. Not only do merchant acquirers handle credit transactions for merchants, but they also process gift cards and debit cards. Merchant acquirers also have huge targets on their backs from hackers.
In 2005, hackers infiltrated CardSystems Solutions Inc., another third-party processor, and over 40 million credit and debit cards were at risk. Thankfully, this incident doesn’t match that fiasco in scale. An even greater catastrophe struck in 2007 when TJX Cos. was hacked and over 90 million debit and credit card numbers were stolen.
It would seem like simply re-issuing credit cards to customers would be the easiest way to ensure no further credit card fraud happens, but for banks, the decision isn’t that easy. The cost to re-issue cards (all of the administrative work and then the cost of the physical card itself) sometimes can exceed the cost of the actual stolen funds.
Despite that, Discover has announced that they will of course re-issue cards to customers as needed. J.P. Morgan Chase, Bank of America, and Discover released statements saying that to be safe, they are monitoring their systems for any suspicious activity that may be fallout from the Visa and MasterCard hackers.
Global Payments has felt the hit on the stock market. Due to report its quarterly earnings on April 4th, the company only confirmed that the security breach had been through their network after the market had closed on Friday. Today, as of the writing of this article, the company stock is down 3.27%.
Some consumers are just as upset about their credit card data as they are about the fact that nothing has been heard from Global Payments since the announcement of the break-in. Many are calling for at least an apology from the company for not noticing the hack for so long and of course, for not being vigilant enough to stop it in the first place.