MasterCard (NYSE: MA) and Visa (NYSE: V) reportedly experienced massive security breaches in January and February of this year, potentially compromising up to 10 million card numbers, reports the Krebs on Security blog.
The payments networks issued “separate non-public alerts…late last week,” to certain banks affected by the breach, which took place between Jan. 21, 2012 and Feb. 25., 2012, reports Krebs. According to the same report, the breach involved both Track 1 and Track 2 data which means “that the information could be used to counterfeit new cards.”
According to Krebs, the banks affected by the breach are “[analyzing] transaction data on the compromised cards, in hopes of finding a common point of purchase.” Apparently, parking garages in the New York City metropolitan area are a point of focus.
MasterCard has confirmed the breach to the media in a statement. The data compromise involves a potential third-party account, not MasterCard’s systems, said MasterCard in an update through its Twitter account @MasterCardNews.
Visa did not reply to a request for comment.
This would not be the first time such a thing occurred. Heartland Payment Systems, of Princeton, N.J., experienced a security breach in 2009, which the Washington Post said “may be the largest ever,” at the time.
It’s difficult to have a sense of the scale at this time. According to Krebs, one payments processor for credit unions said that about 56,000 cards were compromised but of these, just 876 actually experienced fraudulent activity.
Precisely which financial institutions and products were affected by the breach has yet to be disclosed.
As of Sept. 31, 2011, there are 1.93 billion active Visa cards. As of Dec. 31, 2011, there are 1.8 billion active MasterCard cards.