Global Payments Provides Updated Information Regarding Unauthorized System Access

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.globalpaymentsinc.com/DataProtection.html

ATLANTA April 1, 2012
Global Payments Inc. (NYSE: GPN), a leader in payment processing
services, announced on Friday, March 30, 2012 that it identified and
self-reported unauthorized access into its processing system. The
company believes that the affected portion of its processing system is
confined to North America and less than 1,500,000 card numbers may
have been exported. The investigation to date has revealed that Track
2 card data may have been stolen, but that cardholder names, addresses
and social security numbers were not obtained by the criminals. Based
on the forensic analysis to date, network monitoring and additional
security measures, the company believes that this incident is
contained.

The company continues to work with industry third parties, regulators
and law enforcement to assist in the efforts to minimize potential
cardholder impact. It has engaged multiple information security and
forensics firms to investigate and address this issue.

“We are making rapid progress toward bringing this issue to a close.
Our nearly 4,000 employees around the world are focused on providing
exceptional service. We are open for business and continue to process
transactions for all of the card brands,” said Chairman and CEO Paul
R. Garcia.

Global Payments Inc. is a leading provider of electronic transaction
processing services for merchants, Independent Sales Organizations
(ISOs), financial institutions, government agencies and multi-national
corporations located throughout the United States, Canada, Europe and
the Asia-Pacific region. Global Payments, a Fortune 1000 company,
offers a comprehensive line of processing solutions for credit and
debit cards, business-to-business purchasing cards, gift cards,
electronic check conversion and check guarantee, verification and
recovery including electronic check services, as well as terminal
management. Visit www.globalpaymentsinc.com for more information about
the company and its services.

This announcement may contain certain forward-looking statements
within the meaning of the “safe-harbor” provisions of the Private
Securities Litigation Reform Act of 1995. Statements that are not
historical facts, including management’s expectations regarding future
events and developments, are forward-looking statements and are
subject to significant risks and uncertainties. Important factors that
may cause actual events or results to differ materially from those
anticipated by such forward-looking statements include the following:
the results of the continuing investigation of the unauthorized access
of a portion of our processing system announced on March 30, 2012,
including the discovery of additional transactions or card data
implicated in the incident; to the effect of the remediation efforts
on our operations; the impact on our results of operations that may
result from these risks; and other risks detailed in the company's SEC
filings, including the most recently filed Form 10-Q or Form 10-K, as
applicable. The company undertakes no obligation to revise any of
these statements to reflect future circumstances or the occurrence of
unanticipated events.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.