Case Analysis: Global Payments Breach

Only available on StudyMode
  • Download(s) : 32
  • Published : March 31, 2013
Open Document
Text Preview
Table of Contents
Executive Summary3
Company Background3
Security Breach3
Cost of Security Breach3
Closer Look at Control Issues4
Steps to mitigate data breach4
Conclusion6
References6

Executive Summary
A data breach at a credit card payments processing firm Global Payments potentially impacted 1.5 million credit and debit card numbers from major card brands Visa, MasterCard, Discover and American Express (money.cnn.com) in April 2012. Company Background

Founded in 1967, Global Payments (NYSE:GPN) is one of the largest electronic transaction processing company based out of Atlanta, GA and operations in several European and APAC regions. The company provides business-to-business card payment and processing solutions for major card issuers such as Visa, Master Card, Amex and Discover. The company also performs terminal management and electronic check conversion. Security Breach

Exactly a year ago, in March 2012 the company was hit by a massive security breach of its credit card payment processing servers impacting more than 1.5 million customers (nytimes.com). The company reported unauthorized access to its processing system resulting in data transfer of 1,500,000 card numbers. According to the company report, data stolen includes name, social security number and the business bank account designated for payment processing or deposit services. As a result of unauthorized access to the company’s servers millions of customer confidential records got exported. Cost of Security Breach

While this data breach is not the largest of the cases, Global Payments data breach turned out to be a $93.9 million deal according to the company’s Jan 8th 2013 quarterly report (bankinfosecurity.com). This is mainly spent in enhancing security and ensure compliance with Payment Card Industry Data Security standard. The company hired a qualified security assessor (QSA) that conducted an independent review of the PCI-DSS compliance of Global Payments...
tracking img