In March, Global Payments said data from 1.5 million credit and debit accounts were accessed by hackers but stressed that cardholders names, addresses, and social security numbers were not stolen in the breach.
However, this week the company admitted that hackers had indeed gained access to personal information. Although the company did not disclose what kind of personal information, the Associated Press reported that the information included names, addresses, social security numbers, drivers’ licenses, and bank accounts.
“The company’s ongoing investigation recently revealed potential unauthorized access to servers containing personal information collected from a subset of merchant applications. It is unclear whether the intruders looked at or took personal information from the company’s systems; however, the company will notify potentially affected individuals in the coming days with helpful information and make available credit monitoring and identity protection insurance at no cost”, Global Payments said in a statement.
The company said it would provide an update about the progress of its investigation, remediation efforts, potential financial impact, and PCI compliance process by July 26, the date of its scheduled year-end earnings call.