Four large U.S. banks and giant card-payment processors that issue debit and credit cards were hit by a data-security breach that was discovered by third-party services provider Global Payments Inc. when its systems were compromised by unauthorized access.
Global Payments Inc had found “unauthorized access” into its system early in March and notified law enforcement authorities and financial institutions, officials for the company said last Friday.
Law enforcement authorities including the Secret Service are investigating a major cyber intrusion at an Atlanta-based payment processor that could expose millions of Mastercard, Visa, American Express and Discover cardholders to fraudulent charges.
Payment network operators Mastercard, Visa, Discover Financial Services and American Express, along with a few banks and other franchises that issue cards bearing the operators’ logos confirmed they were affected by a data-security breach.
It was not immediately clear how Global Payments was penetrated, how many accounts were exposed or the exact number of the cardholders who became victims of the cyber attack.
A spokesman for MasterCard said the company has hired an independent data-security organization to review the incident. Secret Service is leading investigations into the case but declined to give any further details, said from the agency.
Officials for banks and processors said the full extent of the breach had not been determined yet, but they said it was a massive one and could affect more than 10 million cardholders.
The security breach is just the latest in a long string of incidents that have put the personal information of millions of credit and debit cardholders at risk.
Those banks are prized targets for hackers because of the vast amount of sensitive financial information. The Global Payments’ stock fell more than nine percent on the news before trading was halted. A spokesman said the breach would be discussed in a phone call with investors tomorrow.