Reports are surfacing that credit card issuers Visa and MasterCard are warning banks of a massive breach at an undisclosed payments processor.
According to Brian Krebs, the breach occurred sometime between between Jan. 21, 2012 and Feb. 25, 2012 and may involve somewhere in the neighborhood of 10 million compromised card numbers.
Krebs reports that Visa issued the following statement in response to his initial coverage of the breaking news story"
"Visa Inc. is aware of a potential data compromise incident at a third party entity affecting card account information from all major card brands. There has been no breach of Visa systems, including its core processing network VisaNet."
"Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards."
"It’s important for U.S. Visa consumer cardholders to know they are protected against fraudulent purchases with Visa’s zero liability fraud protection policy, which exceeds federal safeguards. As always, Visa encourages cardholders to regularly monitor their accounts and to notify their issuing financial institution promptly of any unusual activity. Additional consumer security tips are available at www.VisaSecuritySense.com."
"Every business that handles payment card information is expected to protect the security and privacy of their customers’ financial information by adhering to the highest data protection standards. Visa also supports advanced security layers such as encryption, tokenization and dynamic authentication through EMV chip technology to further protect sensitive account information and minimize the impact of data compromises."