Visa and Mastercard have confirmed in communications with major banks that between 21st January and 25th February, over 50,000 credit card details were stolen from the Global Payments Inc. US payments processor. It was initially thought that this number was far larger - Visa alone claiming that over 46,000 cards had been compromised. However, many of those numbers turned out to be duplicates, so it was dropped to 'just' 26,000.
Unfortunately it hasn't taken long for those behind the hack to either begin using the information themselves, or to sell it on to people who have, as so far over 800 accounts have been used fraudulently. This most recent information was released by security blogger Brian Krebs, who stated that as many as 10 million cards might eventually be affected by the breach.
The level of the data acquired by hackers is said to be in a track one and two format, which essentially equates to customer name, credit card number, expiration date and the rear security numbers. This potentially allows fresh cards to be created with the new data and used in the real world as well as online.
It seems incredible that after seeing credit card leak fiascos like Sony's last year, where the company failed to warn customers for over a week, Visa and Mastercard would only inform banks at this point. Customers must surely be incensed that they too weren't warned at the earliest possible occasion.