A data breach at a credit card payments processing firm Global Payments potentially impacted 1. 5 million credit and debit card numbers from major card brands Visa, MasterCard, Discover and American Express (money. cnn. com) in April 2012. Company Background Founded in 1967, Global Payments (NYSE:GPN) is one of the largest electronic transaction processing company based out of Atlanta, GA and operations in several European and APAC regions.
The company provides business-to-business card payment and processing solutions for major card issuers such as Visa, Master Card, Amex and Discover.
The company also performs terminal management and electronic check conversion. Security Breach Exactly a year ago, in March 2012 the company was hit by a massive security breach of its credit card payment processing servers impacting more than 1. 5 million customers (nytimes. com). The company reported unauthorized access to its processing system resulting in data transfer of 1,500,000 card numbers.
According to the company report, data stolen includes name, social security number and the business bank account designated for payment processing or deposit services.
As a result of unauthorized access to the company’s servers millions of customer confidential records got exported. Cost of Security Breach While this data breach is not the largest of the cases, Global Payments data breach turned out to be a $93. 9 million deal according to the company’s Jan 8th 2013 quarterly report (bankinfosecurity. com). This is mainly spent in enhancing security and ensure compliance with Payment Card Industry Data Security standard.
The company hired a qualified security assessor (QSA) that conducted an independent review of the PCI-DSS compliance of Global Payments systems and advised many remediation steps for its systems and processes.
The company also paid fines related to non-compliance and has reached to an understanding with several card networks. The majority of the expenses, $60 million were originated out of professional fees while $35. 9 million was estimated to be fraud losses, fines and other charges imposed by credit and debit card networks.
However the company received $2 million in insurance recoveries. There could be additional expenses of $25 to $35 million in reminder of 2013 due to investigation, remediation and PCI compliance.
While the company would like to conceal finer details of the investigation a closer look into this case clearly reveals a fraud triangle of pressure, rationalization and opportunity. It is highly likely that an insider played a major role in exposing security vulnerabilities of the company’s information technology systems and lack of proper monitoring mechanisms.
Lack of proper internal controls resulted in the insider making use of the opportunity to commit fraud. The case clearly indicates that either system monitoring mechanism was inadequate and could not prevent the data thief to get access to PCI data. It is not clear whether high level data encryption was implemented for personal data such as social security numbers and bank accounts. Steps to mitigate data breach A number of precautionary and data protection measures should be taken to ensure PCI compliance and prevent such a massive data theft (sans. rg).
The numbers of cyber threats are increasing at an alarming level and a small overlook on company’s behalf is enough for hackers to steal confidential data and put consumers at risk. In today’s high tech world of information technology customers information is at high risk of breach and any company both private or public involved in dealing with financial data has to ensure highest level of regulatory compliance to protect consumers interest, maintain their trust and finally run as an ongoing concern
Remember! This is just a sample.
You can get a custom paper by one of our expert writers.
Get your custom essay
Helping students since 2015
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download