Global Payments breach reportedly worse than expected
The security breach at credit card processing company Global Payments extends back further than was previously believed. According to BankInfoSecurity, the incident is now thought to go back as far as January 2011 – it was originally believed to have taken place between 21 January and 25 February of this year, but later dated to early June 2011.
Security specialist Brian Krebs, who first broke the story, notes that the Atlanta-based card processor "has disclosed relatively little about the breach, and has sought to downplay the severity of it". While initial reports of the breach suggested that more than 10 million accounts had been compromised, Global Payments later said that fewer than 1.5 million card numbers had been taken. However, a recent report from The Wall Street Journal citing sources familiar with the matter says that "at least seven million card accounts are now considered potentially vulnerable".
In the weeks following the breach, a number of credit card companies, including MasterCard and Visa, removed Global Payments from their list of approved processors. At the time of writing, Global Payments has yet to update its official statement or the company's 2012 Information Security Update web site with further details about the breach.