Global Payments CEO Paul Garcia said in a press conference that the breach involved only a “handful” of the company’s North American servers. “It is reassuring that our security processes detected an intrusion,” he says.
Security and law enforcement experts say the Global Payments caper could help explain account discrepancies that many consumers may have noticed over the past several weeks.
Consumers can expect more fraudulent purchases and debit card withdrawals, and other scams spinning out of the notoriety of the breach.
A seven- to eight-week time period is plenty enough for identifier card data to get stolen, brokered and used in the underground market,” says Rob D’Ovidio, associate professor of Drexel University’s criminal justice program.
Consumers are limited to a $50 loss for card fraud, and most often lose nothing if the fraud is detected and reported quickly. A new card with a fresh account number is issued, and the losses are borne by the bank or merchant or both.
Meanwhile, the Identity Theft Resource Center has fielded several reports from consumers who have received letters in plain envelopes with no letterhead asking recipients to call a toll-free number to verify account information. The person answering will attempt to dupe the caller into divulging account information, says ITRC adviser Kat Rocha.