Visa Responds to Processor Breach
In response to today's news from the Krebs on Security website "MasterCard, VISA Warn of Processor Breach", I am writing to update you about the potential compromise and it's impact to you.
Our clients were first alerted to the potential compromise from a CAMS Alert on Friday, March 23, 2012. At this time, we have not received information that our clients will be or have been directly affected by the breach.
Bryan Krebs wrote that "VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach "massive," and say it may involve more than 10 million compromised card numbers."
In response, Visa has provided the following statement:
"Visa Inc. is aware of a potential data compromise incident at a third party entity affecting card account information from all major card brands. There has been no breach of Visa systems, including its core processing network VisaNet.
"Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards.
"It's important for U.S. Visa consumer cardholders to know they are protected against fraudulent purchases with Visa's zero liability fraud protection policy, which exceeds federal safeguards. As always, Visa encourages cardholders to regularly monitor their accounts and to notify their issuing financial institution promptly of any unusual activity. Additional consumer security tips are available at www.VisaSecuritySense.com.
"Every business that handles payment card information is expected to protect the security and privacy of their customers' financial information by adhering to the highest data protection standards. Visa also supports advanced security layers such as encryption, tokenization and dynamic authentication through EMV chip technology to further protect sensitive account information and minimize the impact of data compromises."