Feeds

New ID leak from Global Payments

More fallout from hack attack

Choosing a cloud hosting partner with confidence

Credit and debit card processor Global Payments has warned that additional confidential information on its servers may have been compromised in the hacking attack earlier this year that saw around 1.5 million credit card details snatched.

In a press call, company CEO Paul Garcia said that subsequent investigations internally and by federal authorities into that attack have shown that confidential information submitted by small merchant customers may have been compromised, although it wasn't clear if the attackers had scanned it.

"What we initially announced did impact less than 1.5 million cards that we believed were taken by the bad guys for nefarious purposes," Garcia said. "This is something very different. We uncovered that the bad guys may have had access."

Garcia declined to give details on the nature of the information or the numbers of customers effected, but said that each would get $1m in identity fraud insurance paid for by the company. Credit agencies have also been informed and those at risk would be contacted. So far there was only "anecdotal" evidence of fraud on the stolen credit cards and none on the new leak, he said.

In an effort to woo back lost customers like Visa, Global Payments has drafted in an independent consultant to examine its security and data handling procedures. Some payment companies have pulled Global Payments from their data security standard (PCI DSS) list and Garcia said that his staff would then make any changes suggested in the consultant's report and reapply for certification.

Despite the loss of revenue stemming from the attack, Garcia said that the company was sticking with its current financial forecasts for the year and expects this to be a one-time cost to the balance sheet. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.