It broke today that Visa and MasterCard announced that a processor of their credit cards had been breached and allegedly more than 10 million credit card numbers have been stolen. A couple of posts/articles that go into more depth are here:
Brian Krebs' KrebsOnSecurity
ZDNet's Zero Day
Sophos' Naked Security
While I had read the posts/articles earlier this morning, I just got "the call" from my credit card company this evening. This has happened to me before, a long time ago when Egghead Software was breached (that had to be mid-90s, right?) What a pain to have go through the rig-a-ma-roll again.
Allegedly, the processor is Global Payments. It will be interesting to see if they are/were PCI compliant. Further, it will be interesting to see if details of the breach emerge.
Global Payments has an announcement on their website.
What bothers me is that they determined that there was a breach in early March, took steps, yet announced today. I would be interested in hearing what caused the delay.