Global Payments Inc Data Breach (Part 2 of 2)

Posted April 11, 2012, 3:29 pm by Jorge Flores

Image of Jorge

Jorge Flores

Welcome back to part 2 of my  blog series discussing the details of the recent Global Payments data breach. Last week I went over some general details surrounding the original breach disclosure and some of the early information that was available at the time.

On an April 2nd conference call with Global Payments CEO Paul Garcia, incident details differ greatly from the original report disseminated by Brian Krebs. This conference call was closed to the press and was directed towards investors only as Q3 2012 results were also discussed.

You can listen to the full audio from the conference call here:

Global Payments Call

“The company believes that fewer than 1.5 million card numbers may have been stolen”, stated Paul.

They also believe that the “theft involved Track 2 card data only”. They do not believe that any Track 1 data was compromised nor that any “cardholder names, addresses, social security numbers or consumer banking information [were] obtained by the criminals”.  Also, when asked if they were aware of any fraudulent transactions on the affected accounts, Paul replied, “No, [they] are not”. Paul also made it clear that “this was not a merchant breach”, meaning that neither merchant systems nor POS systems were involved (which is atypical in this type of data breach). It was actually a “handful of servers” in a subset of their North American processing system that experienced the direct breach. Visa has removed Global Payments from their list of “compliant service providers” pending the results of the forensic investigation and successful remediation efforts. This has not affected Global Payments’ ability to process Visa payments or sign up new merchants however as Paul confirmed, “We’re literally signing them [up] right now”.

One glaring question comes to mind when comparing the statistics from the conference call with the numbers from the original breach report. How do you go from 10 million accounts potentially affected down to 1.5 million potentially affected? That’s quite a large discrepancy. A couple of statements by Avivah Litan, Vice President and analyst with Gartner Research may help clarify some things. The “1.5 million” number that Global Payments is disclosing are the accounts it believes were “exported” (i.e. downloaded or copied) from their systems.

“Global Payments said it has used different terminology than most companies in announcing a breach”, Litan said.

“Typically when you disclose [a breach], you say how many cards were potentially compromised rather than exported, so the use of language is unusual, “she said.

All of this contrasting information just goes to show you that this breach is still very early in the forensic investigation stages. More detailed and accurate information will undoubtedly surface as the year goes on.

No matter the details however, it is important that you (the consumer) protect yourself from any potential identity theft culminating from this incident. Stay tuned next week for the conclusion of my blog series where I will provide tactful information on how to make sure your accounts stay protected in light of this incident.  


Global Payments CEO Discusses Q3 2012 Results - Earnings Call Transcript

Filed under: Security Threats
Edited January 12, 2018 by Chris
Listed in Communities: Our Site

You must be logged in to post comments.