Global Breach: Did It Start in 2011?
New Visa Advisories Suggest Breach Goes Back to JuneEvidence is mounting that Global Payments Inc. may have been breached months earlier than initially reported.
See Also: Webinar | Identity Crisis: How to Combat Session Hijacking and Credential Theft with MDR
One affected card issuer told BankInfoSecurity that Visa issued an updated alert about the breach on April 26, noting that the window for compromise could date back to June 7, 2011. Another card issuer says the window of compromise, as provided by Visa, dates back to June 11. Both issuers asked to remain anonymous.
Previously, Visa's alerts indicated the breach occurred sometime between Jan. 21, 2012, and Feb. 25, 2012. But Global says it notified the affected card brands of the breach in early March, as soon as internal systems detected a compromise.
"The additional alerts did increase our initial compromised total by about 50 percent," one card issuer says.
The Visa advisories indicate that the card verification value codes, or CVV2 security codes, "may be at risk for some accounts." Global had indicated that only Track 2 data was involved. Track 2 data does not include any information about the cardholder, and is typically the only data used during an in-person buy.
Both card issuers say the overall fraud exposure on the accounts provided by Visa remains low, relative to other compromises, which is a good sign.
"We are seeing a substantial increase in credit card skimming, but so far, it is not linking back to this episode," one issuer says.
Security blogger Brian Krebs, who broke the story of the Global breach March 30, also posted a blog May 1 about the updated alerts.
Global Releasing Few Details
Global, however, is not offering precise information about the timeline.
On May 1, Global clarified some breach details on its website, but offered no specific dates.
"It would be premature and inappropriate for us to speak to or confirm any timeframes until the investigation is complete," Global states. "We will continue to provide information to the appropriate parties as revealed by the investigation."
At its April 1 press conference, Global said the breach had affected 1.5 million cards.
But Avivah Litan, a fraud analyst at Gartner and one of the first experts to comment on the breach, maintains the Global breach is bigger than has been revealed so far.
After speaking last week with international law enforcement agencies in Europe, she says, "There is much more to this incident than what the public is being told."