Visa and MasterCard have sent some interesting alerts to card-issuing banks this week, stating that the Global Payments breach acknowledged past month had actually started a year ago.
The attack, which affected over 50,000 credit cards, was originally believed to have taken place between 21st January and 25th February. The breach was only confirmed one month later, on 30th March, when Global Payments Inc. US announced the numbers publicly.
Back then, some sources even claimed that a much higher number of credit cards had been affected (approximately 10 million) by the breach, in which attackers managed to steal customer names, credit card numbers, expiration dates and the security number; everything needed to purchase something online.
Now, as Visa and MasterCard’s latest periodic alerts arrive at partner banks, it seems they were aware of the scheme since June 2011, eight months ago.
This hack could in fact have gone back a lot further, as security experts say it’s common for those compromised to experience a much longer time frame as investigations develop and new leads are uncovered.
Up to now, Global Payments has reported that less than 1.5 million card numbers have been stolen from the system, with it the attack first acknowledged on 8th March.
Amy Korn, spokeswoman for Global Payments, stated that the company cannot comment on the story at the moment, but will release further details on their official website when possible.
Source: KrebsonSecurityLeave a comment on this article