Global Payments, a Sandy Springs-based credit and debit card processor that disclosed in March 30 that it was hacked, says that its data breach cleanup costs have reached $84.4 million so far. While it’s debatable whether data encryption would have made a difference — the company has advocated end-to-end encryption for credit card transactions since the breach — it shows that data security is essential when it comes to protecting sensitive data.
Some Technical Details
Global Payments has released via www.2012infosecurityupdate.com the following details:
Global Payments has made substantial progress in its investigation and remediation efforts. Based on the investigation to date, we continue to believe that a limited portion of our North American card processing system was affected, actual card numbers that may have been exported did not exceed 1,500,000 and any potential card exportation was limited to Track 2 data…
Our investigation also supports our earlier findings that the cardholder information that may have been exported included only Track 2 data, not names, addresses or social security numbers.
However, foxbusiness.com notes that “it supplied a larger number of card numbers to the payment networks for monitoring.”
$84.4. Million Figure Includes Charges
There is, however, a caveat to all of this. According to Global Payments’s own press release, the cost that’s being quoted around “includes an estimate of charges from the card brands and investigation and remediation expenses.”
It’s not an unreasonable assumption that perhaps the cost of cleaning up the breach would have been lower had Global Payments been in some business other than finance.
Related Articles and Sites: