Global Payments taken off PCI lists over data breach

Global Payments has confirmed that "some card brands" have removed it from their lists of PCI compliant processors over a data breach affecting up to 1.5 million people.

  0 Be the first to comment

Global Payments taken off PCI lists over data breach

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

Following press speculation, the US processor confirmed in March that earlier that month it had discovered a breach affecting North American card holders. The firm says 'Track 2' data - including account numbers - was compromised but not names, addresses and social security numbers.

Visa quickly removed Global Payments from its list of approved service providers, telling it to revalidate as PCI DSS compliant. In an update, the firm has confirmed that other card associations have taken the same steps.

"They have requested we revalidate our PCI status, which we will do following the current investigation. We anticipate that we will be re-instated to those lists at the conclusion of the re-validation and any required remediation," says a statement.

However, the move does not stop Global Payments from processing transactions for the brands.

Meanwhile, Visa and MasterCard alerts to card-issuing banks reveal that the breach, although only discovered in March, dates back to at least last June, according to KrebsonSecurity, which initially broke the story.

Sponsored [Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming Mandates

Comments: (0)

[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming MandatesFinextra Promoted[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming Mandates