How To Tell If Your Credit Card Was Hacked In The Global Payments Breach

Earlier today, news broke that credit card processor Global Payments suffered a massive security breach, in which intruders made off with thousands — possibly millions — of credit card numbers from hundreds of of card issuers worldwide. The story is still developing and the hows and whys of how the card numbers were lost will be debated for years, but the bigger question is what should you do right now to make sure your money is safe? Here are a few tips.

Photo by 401kCalculator.org.

What Happened?

Global Payments is a credit card processor, meaning they're one of the companies responsible for handling your transaction when you swipe your credit card at a register. The retailer sends your information to a processor, who then forwards it to Visa, Mastercard, or another issuer, who handles the transaction with your bank. Card processors are frequently the target of these types of attacks, mostly because they handle transactions for every brand and type of credit card, for banks all over the world.

Estimates for how many card numbers were lost in the breach range from 50,000 cards all the way up to 10 million, so odds are we won't know for sure how many accounts were really compromised until the dust settles a bit. The Wall Street Journal reports that Global Payments is one of the country's largest processors, and while we know they work closely with New York cab and parking companies, WSJ says they actually have a significant client list and the size of the breach could mushroom.

Visa and Mastercard have, for their part, already acknowledged that Global Payments has alerted them to the breach, and stress that their own networks have not been compromised. Discover and American Express, on the other hand, say they're keeping an eye on things.

The scariest aspect is that it's possible the thieves have had access for a while now, have been stockpiling credit card numbers for months, and only now have been discovered. According to some analysts Mastercard has already reached out to some banks and card issuers to let them know which accounts have been compromised. That said, there are a number of things you can do right now to make sure you're on top of it if your card is one of the ones lost.

Contact Your Financial Institution

We haven't seen any kind of full disclosure from any of the companies involved in this yet, mostly because they're all likely trying to get their stories straight before they open their mouths to the public. In the interim though, there's no harm in contacting your credit card issuer to see if they're aware or doing anything about the issue. You'll likely get hold of a tier one customer service rep who may not even know the news, much less have some copy prepared to read to you about it, but you can always ask more generally about how they handle data breaches and fraudulent transactions on a stolen card.

After all, you're not liable for purchases on a stolen or copromised credit card. Ask them if they offer credit monitoring in cases like these, whether it's a free service and how long they'll monitor your account. If it's free and monitored for a few years, spring for it — if not, hold off. If your issuer did lose numbers in the breach, the first thing they'll do to smooth it over with you is give you a few months of free monitoring. Regardless, now is a good time to call your issuer and make sure you're up to speed on their policies around fraudulent transactions and identity theft.

Keep An Eye On and Review Your Statements

Fortune reports that the thieves may already be using some of the credit card numbers they've obtained, and Gartner points out that if you've used your credit card in the past few months to pay for a cab or parking garage in the New York City area, you're in a particularly high-risk group (since that's where the Global Payment attack originated, and the first information to be accessed.) Even if that doesn't describe you, now is a great time to pore over your credit card statements from the past few months and make sure you can identify every single transaction posted to your account.

It's easy to let the statements slip, especially if you have your bills set up to auto-pay, but it's important to double-check your statements anyway, even moreso at a time like this. If you see any transactions you can't identify, or you're certain you didn't make, contact your bank or card issuer immediately to report them.

Be Vigilant

Like we said, Mastercard has already contacted individual banks, credit unions and other card issuers to let them know what information has been lost. Visa will likely follow suit, if they aren't doing so as you read this. The next step is public disclosure from those companies, and for those companies to reach out to individual cardholders to let them know whether their data has been compromised. Bank of America has said that they're monitoring accounts already, and will contact customers if they see anything suspicious.

If you are contacted, you'll have more power at that point — you can cancel your card entirely, request a new one with a new number, or sign up for credit monitoring (which will likely be offered to you for free if you've been affected.) Still, while you wait for the story to unfold, it might be a good time to look over your financial docs and make a sort of credit card emergency plan in case your account is one of the unlucky ones.


Comments

    If you do get zapped, the bank will reimburse you, they do it all the time. They get hacked so often it's become a part of their business practice. Can't let the plebes know you aren't even close to being safe.

      Thats if you got credit card insurance like the ANZ Falcon.

        No, that's not remotely true.

        1. If you've got a Visa or a MasterCard you will *never* pay for unauthorized charges as long as (1) you didn't contribute to the problem (eg. give the card to someone else, write down your PIN on the card etc.) and (2) you notified the bank within a reasonable time of becoming aware there was a problem. This applies no matter what bank you're with, what card you have, or what extra products you have taken out (eg. insurance).

        2. "ANZ Falcon" isn't even an insurance product -- it's just the name their marketing department gave to their anti-fraud department. Every bank that issues Visa or Mastercard cards have a department dedicated to the ongoing monitoring of all transactions used with their cards. All banks in Australia uses FICO Falcon's software (from memory, with the exception of NAB who uses a competitor's) http://tiny.cc/fca1bw

        ANZ just decided to go out and start a marketing campaign to drum up business talking up one particular aspect of their business that all the other banks do anyway, they just don't run ads on it.

          Those aggressive fraud blocking schemes like ANZ Falcon are a pain in the butt.

          I was overseas on a 6 week holiday and had my credit cards cancelled. No one at my bank told me I had to call them and tell them I was going on holiday. They just cancelled my cards without contacting me.

          Fraud schemes are all about protecting the bank and not helping the customers. Since the bank repays all fraud on your account the only one who an aggressive anti-fraud scheme benefits is the bank.

            Thanks for the tip! I will be travelling overseas for Christmas and the very last thing I want is not to be able to have access to my credit card.

              Actaully that was wize of them, and stupid of you. If for the last 3 years all your transactions came from australia, Then one day out of the blue, a few transactions cam from a random country, that would put anybodys red flag up. Most people know to al least call your bank before going on a holiday to give them the heads up. Thats what their paid to do, Seek out transactions that aren’t normal to you. But I doubt they cancelled the card, they would have just suspended it. And when you rang up to explain the situation they would just remove the hold on the card.

            Bankwest blocks my credit cards every time I go overseas on holidays. No matter if I notify them or not. I can't explain how inconvenient it is to be trekking on the outskirts of Tibet and find you have no access to your own finances to buy chocolate treats.

          It's also important to note you won't be covered if you use an easy to guess PIN. 1234, 3333, or your birthday could all mean you won't get your money back.

    My partner just had a big purchase on her credit card from an unknown source. We couldn't figure out how someone would have stolen her details but this could be the source?

    ANZ refunded the total and cancelled the card as soon as we let them know,

      Actually this looks like a USA thing? So perhaps not hehe.

    Actaully that was wize of them, and stupid of you. If for the last 3 years all your transactions came from australia, Then one day out of the blue, a few transactions cam from a random country, that would put anybodys red flag up. Most people know to al least call your bank before going on a holiday to give them the heads up. Thats what their paid to do, Seek out transactions that aren't normal to you. But I doubt they cancelled the card, they would have just suspended it. And when you rang up to explain the situation they would just remove the hold on the card.

    I feel sick both my cards have just been scammed , mastercard last week, and american express this week, in africa and i have never even used my american express card. now i have to get new cards and send my signiture to the bank to proove it was not me. i am so cross right now that someone has been living it up in expensive hotels etc on my behalf.

    Someones been living it up in a (South African) Cape town Hotel and fancy restaurants etc at my wifes expense- we just cancelled the card- No one rang from the bank to say there was dodgy details- - and we have Com Bank "call us" to verify suspicious activity -WE HAD NO CALLS_ - I googled the places and just for my satisfaction at our inconvenience rang them to tell them they have "scammed" for thousands of dollars - I now suspect that some of the "employees" are in on this fraud and know these people . The last time this happened ( 4 years ago) the bank said we were responsible for the expenses incurred and so we had to threaten legal action against the bank along with TV coverage exposure to Today tonight, 60 minutes, A current affair etc as they said we were liable for the expenses incurred as per the Terms and Conditions of the card and even produced a squiggle signature (not ours obviously) on the receipt document ( which was In Russian ) - on the purchases in Budapest -I explained we were not in and have never been to Budapest - at all and my wife was gravely ill in hospital at the time so we could not have incurred the expenses - Turns out the same jewellry shop does 3 transactions like this per week! So why not ban them from credit card access?

Join the discussion!

Trending Stories Right Now