PCI Security Standard Will Get Better Thanks to Global Payments Breach

Late Friday, credit card processing vendor Global Payments admitted they had been the victim of a data breach. Monday morning the company’s CEO got on the phone with press and analysts to explain what happened and to debunk rumors.

“There is a lot of rumor and innuendo out there and most of it is incredibly inaccurate,” Global Payments CEO Paul Garcia said.”The company believes that fewer than 1.5 million card numbers may have been stolen and that the theft is confined to our North American processing system.”

There had been some speculation that the breach was significantly larger. Garcia also stressed that so far as he was aware, cardholder names, addresses, social security or consumer banking information was not obtained by the criminals.

“I can tell you this, approximately three weeks ago we identified that card holder data may have been taken,” Garcia said. “Literally within hours we contacted federal law enforcement and the card associations.”

Garcia noted that the investigation is still continuing and there are parts of the breach incident that they still need to resolve. That said he stressed that the situation is contained to the best of our ability and opinion.

From Global Payment’s perspective, the security breach could actually end up having a positive impact on the PCI-DSS standard. The idea is that information learned from the incident could help to improve future version of PCI-DSS. The Global Payments system had been certified as being PCI-DSS compliant. The PCI-DSS standard is a critical stamp of data security compliance.

“This will help PCI be better and this will help everyone be more secure since we’re all in this together,” Global Payment’s Garcia said. “These are thieves, theres are bad guys that are working day and night to hurt us and all of us together have to do our best to thwart them and that’s what we’re working on.”

Read the full story at eSecurityPlanet:
Global Payments: Breach Contained, But Damage Done

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.