Thursday, May 3, 2012
Visa Inc. and MasterCard Worldwide are warning card-issuing banks the breach at Global Payments Inc. began no later than June 2011, former Washington Post reporter Brian Krebs said on his Krebs on Security website. The card companies originally estimated the break-in and theft, first reported March 30, 2012, occurred between Jan. 21 and Feb. 25, 2012.
Krebs' May 1, 2012, report said Visa and MasterCard have issued seven updated alerts to their issuing banks since the Global Payments' breach was discovered. Each alert pushed the time frame for the onset of the breach further back. Krebs said it was the latest alert, issued in late April or early May, that told the banks the breach occurred no later than June 2011.
Global Payments stated on its updated Frequently Asked Questions page, "We have not publicly communicated any time periods and there is a full investigation underway. It would be premature and inappropriate for us to speak to or confirm any time frames until the investigation is complete."
The FAQ added a Global Payments' promise to "provide information to the appropriate parties" as the breach investigation continues. Amy Corn, Global Payments Senior Vice President of Marketing and Corporate Communications, referred a request for comment to the updated FAQ page and said the company would have no further comment.
Krebs said Visa and MasterCard are also warning banks of more compromised cards. Global Payments stated on its FAQ page, "We continue to believe that less than 1.5 million card numbers may have been exported." This is the same approximation the company gave when it first alerted the public to the breach.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.