BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Global Payments Breach Tab: $94 Million

From: security curmudgeon <jericho () attrition org>
Date: Fri, 11 Jan 2013 11:56:27 -0600 (CST)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.bankinfosecurity.com/global-payments-breach-tab-94-million-a-5415

By Information Security Media Group
January 10, 2013

Global Payments Inc. says the data breach it revealed in April 2012 has 
cost the company $93.9 million.

In a Jan. 8 quarterly report, the Atlanta-based payments processor says 
expenses associated with the breach, estimated by Global to have affected 
1.5 million payment cards in North America, related mainly to investments 
the company has made to enhance security and ensure compliance with the 
Payment Card Industry Data Security Standard (see Global Payments: Breach 
Exam Complete).

"We hired a qualified security assessor, or QSA, to conduct an independent 
review of the PCI-DSS compliance of our systems," Global states in its 
filing. The processor goes on to say that its effort to remediate its 
systems and processes is "substantially complete," and it hopes to be 
returned soon to the payment card network list of PCI-DSS compliant 
service providers. "Our failure or a delay in returning to the list could 
have a material adverse effect on our business, financial condition, 
results of operations and cash flows," Global states.

Global says it has now paid all fines related to non-compliance and has 
reached resolution with certain card networks, although it did not specify 
which ones. The processor also says its business has not suffered as a 
result of the breach.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: