As many of you know, I’ve been following the Global Payments’ data breach story since it first broke.  I’ve wanted to make sure consumers knew what their credit card companies were hearing from Global Payments and what steps consumers should take to protect themselves.

I had seen that Global Payments was having a July 26th call with investors to update them about the latest news about the data breach.  I went to the Global Payment’s website created specifically to address breach issues and found that the news being provided had little information that will be of help to consumers.  The site (www.2012infosecurityupdate.com) was last updated on June 12th.  The site has a “press releases” tab so I went there.

So what information was relayed by Global Payments Chairman and CEO Paul Garcia during that call?  Here’s what I’ve learned from the press release and from stories by Tom Field (www.bankinfosecurity.com; “Global Payments Breach:Too Few Details”) and J.Scott Truby (The Atlanta Journal-Constitution; http://www.ajc.com/business/breach-costly-to-global-1485468.html; “Breach costly to Global Payments”).

The latest from Mr. Garcia on behalf of Global Payments is as follows:

  1. They’ve finished their internal investigation;
  2. They’ve begun remediation;
  3. The breach has cost Global Payments $84.4 million; and
  4. They’re working had to become compliant again with the card processing standards that are required by Visa, MasterCard and other card companies.

Both Visa and MasterCard dropped Global Payments from their compliance list once the data breach was brought to their attention.

Global Payments offered no details about the above 4 points.  In fact, the Global Payments press release posted on their website only had 1 paragraph about the data breach (“Data Intrusion Investigation”).  In that paragraph, they reported that “A qualified security assessor is conducting the independent review required to return the company to the lists of PCI compliant service providers.”

As Mr. Truby noted in his article, Global Payments processes billions of transactions every year at more than 1 million locations around the world.  So Global Payments might be understandably reluctant to reveal too many details about either their investigation or their ongoing remediation — lest they provide clues to other hackers about vulnerabilities.

It would be helpful, however, for consumers to know exactly how many accounts have been affected and any new information about the type of consumer personal and financial information that was stolen.  Let’s hope Global Payments can share that type of information soon.

In the meanwhile, stay alert to make sure you don’t see suspicious and/or unauthorized charges on your credit cards.