Visa and MasterCard: Are you at risk?
Hackers attack a pipeline that services credit card transactions, exposing more than one million customers to fraud
Global Payments (GPN), a little-known third-party processor of credit-card transactions, has admitted that its security defenses were breached by hackers, leaving more than 1 million customers of Visa (V), MasterCard (MA), and other companies vulnerable to fraud.
Visa and MasterCard were quick to reassure customers that they would be covered for any losses from theft, but the attack nevertheless is raising concerns about the security of the credit-card payment system. The incident is also casting a spotlight on Global Payments and other companies that help execute credit-card transactions, and that could be less secure than bigger companies like Visa.
Here, a guide to this major data breach.
What did the hackers steal?
The thieves were able to obtain as many as 1.5 million credit card numbers and corresponding expiration dates, according to Global Payments. However, customers' names, addresses, and social security numbers reportedly remain safe. The hackers may try to use the data to make illegal purchases, but will likely be foiled if they're asked to key in the CVV code (the three to four numbers printed on the back of your card).
How does Global Payments have these numbers?
Global Payments is just one of many firms hired by Visa and other credit card companies to authorize transactions. Between your purchase at the store and your credit-card company registering the sale, there are dozens of third parties that do the invisible task of checking and clearing the data you provide with a swipe of the card. For a time, these companies possess your account information, which is the "holy grail" for computer thieves, say Jessica Silver-Greenberg and Nelson Schwartz at The New York Times.
How are credit card companies responding?
Visa says it will drop Global Payments' services, though other companies have yet to take that step.
Have third-party processors been attacked before?
Yes. In 2008, 130 million credit card accounts were exposed after Heartland Payment Systems (HPY) was attacked. In 2005, 40 million accounts were compromised in a breach of CardSystems Solutions. The breach of Global Payments was slightly different, and possibly more dangerous, because the hackers were able to "export" the data from the company's system, instead of just getting a glimpse of it, says Robin Sidel at The Wall Street Journal.
What can I do to protect myself?
"Customers should sit tight," says Julianne Pepitone at CNN. Credit card companies will contact you if your information has been stolen, and will cover the cost for any theft. Customers should also "carefully monitor credit card statements on a weekly basis" for any evidence of fraud, says Marianne Bicklet at Forbes.
More from The Week:
MORE ON MSN MONEY
Copyright © 2013 Microsoft. All rights reserved.
The Fed may start tapering in just a few months. Here are a few of the likely winners and losers.
VIDEO ON MSN MONEY
Top Stocks provides analysis about the most noteworthy stocks in the market each day, combining some of the best content from around the MSN Money site and the rest of the Web.
Contributors include professional investors and journalists affiliated with MSN Money.
Follow us on Twitter @topstocksmsn.