Global Breach: Did It Start in 2011?

New Visa Advisories Suggest Breach Goes Back to June
Global Breach: Did It Start in 2011?

Evidence is mounting that Global Payments Inc. may have been breached months earlier than initially reported.

See Also: From Authentication to Advanced Attack Vectors: Top Trends in Cybercrime in Q1 2016

One affected card issuer told BankInfoSecurity that Visa issued an updated alert about the breach on April 26, noting that the window for compromise could date back to June 7, 2011. Another card issuer says the window of compromise, as provided by Visa, dates back to June 11. Both issuers asked to remain anonymous.

Previously, Visa's alerts indicated the breach occurred sometime between Jan. 21, 2012, and Feb. 25, 2012. But Global says it notified the affected card brands of the breach in early March, as soon as internal systems detected a compromise.

"The additional alerts did increase our initial compromised total by about 50 percent," one card issuer says.

The Visa advisories indicate that the card verification value codes, or CVV2 security codes, "may be at risk for some accounts." Global had indicated that only Track 2 data was involved. Track 2 data does not include any information about the cardholder, and is typically the only data used during an in-person buy.

Both card issuers say the overall fraud exposure on the accounts provided by Visa remains low, relative to other compromises, which is a good sign.

"We are seeing a substantial increase in credit card skimming, but so far, it is not linking back to this episode," one issuer says.

Security blogger Brian Krebs, who broke the story of the Global breach March 30, also posted a blog May 1 about the updated alerts.

Global Releasing Few Details

Global, however, is not offering precise information about the timeline.

On May 1, Global clarified some breach details on its website, but offered no specific dates.

"It would be premature and inappropriate for us to speak to or confirm any timeframes until the investigation is complete," Global states. "We will continue to provide information to the appropriate parties as revealed by the investigation."

At its April 1 press conference, Global said the breach had affected 1.5 million cards.

But Avivah Litan, a fraud analyst at Gartner and one of the first experts to comment on the breach, maintains the Global breach is bigger than has been revealed so far.

After speaking last week with international law enforcement agencies in Europe, she says, "There is much more to this incident than what the public is being told."


About the Author

Tracy Kitten

Tracy Kitten

Executive Editor, BankInfoSecurity & CUInfoSecurity

A veteran journalist with more than 18 years' experience, Kitten has covered the financial sector for the last 11 years. Before joining Information Security Media Group in 2010, where she now serves as the Executive Editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network