Merchant information may have been stolen from Global Payments

Hackers had access to servers hosting personal information of merchant applicants, Global Payments said

Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments.

"We have recently learned of potential unauthorized access to servers containing personal information from a subset of merchant applicants," Paul Garcia, Global Payments' chairman and CEO, said during a conference call with shareholders on Tuesday.

It's not clear whether the attackers actually accessed or copied the merchant data stored on the server, Garcia said. "However, we are notifying certain individuals in the U.S. whose personal information may have been subject to access."

Affected individuals will be offered free credit monitoring services and identity protection insurance of US$1 million. The three U.S. major credit reporting agencies have also been advised about the incident, Garcia said.

Garcia declined to share an exact number of individuals potentially affected by the unauthorized access to servers that contained merchant data, citing an ongoing process of analyzing that information.

Back in April, Global Payments announced that hackers managed to break into its payment processing system and stole Track 2 data corresponding to almost 1.5 million credit and debit cards. Track 2 data includes account numbers and card expiration dates, but not cardholder names or Social Security numbers.

The data breach is still being investigated by security experts and law enforcement authorities. The unauthorized access to servers containing merchant data was uncovered as a part of that investigation.

Following the incident, some of the credit card brands removed Global Payments from their lists of service providers compliant with the payment card industry data security standard (PCI-DSS). The company has hired an independent security assessor to review its security procedures and plans to reapply for certification once that audit is complete.

The company did not specify what kind of personal details were potentially exposed by the newly discovered breach. However, the latest notifications are unrelated to cardholder data, Amy W. Corn, Global Payments' senior vice president of marketing and corporate communications, said via email.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Lucian Constantin

Lucian Constantin

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Cate Bacon

Aruba Instant On AP11D

The strength of the Aruba Instant On AP11D is that the design and feature set support the modern, flexible, and mobile way of working.

Dr Prabigya Shiwakoti

Aruba Instant On AP11D

Aruba backs the AP11D up with a two-year warranty and 24/7 phone support.

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?