Questions Regarding Security Breach May Sink Global Payments

Whenever hackers breach systems holding credit card information, millions of people hold their breath, worried that they will be among those victimized by the security lapse. That is what is happening at the moment, while the details of Global Payments' (NYS: GPN) recent breach get sorted out and the damage assessed.

The bad news is that there could be as many as 1.5 million credit card numbers in the hands of miscreants, who, having exported the information, may now peruse it at their leisure. The one bright spot is that the company reports that no Social Security numbers or other personal information was obtained.

Although this incident does not appear to be anywhere near as large as the 130 million numbers stolen from Heartland Payment Systems (NYS: HPY) in 2008, the ante has gone up this time. Data breach security laws now on the books in nearly all states put the onus on merchants, banks, and credit unions that issue cards to notify customers immediately when their card numbers are compromised. Steep fines can ensue if these laws aren't followed precisely, causing an economic ripple effect apart from the actual security break.

There are some other questions here, though. On Sunday, Visa (NYS: V) removed Global Payments from its list of secure vendors until the company can prove to Visa that its security levels are compliant with industry standards. This is an unusual step, perhaps stemming from the fact that the breach was first reported by Visa and MasterCard (NYS: MA) as being the type of breach whereby enough information was stolen to allow criminals to duplicate cards. As noted by security writer Brian Krebs, the credit card companies estimated the breach to have occurred sometime between Jan. 21 and Feb. 25. Global Payments says the security break didn't occur until early March.

Can this company be trusted?
Although Heartland recovered quite well from its brush with security breaches back in 2008, this situation looks a little spooky to me. Why, for instance, is there such a difference of opinion between Global Payments and the credit card companies regarding the time and the severity of the breach? The ostracizing of this company by Visa also raises red flags, as it seems to indicate the credit card giant is unsure of the security status of this vendor.

If Visa and MasterCard are correct about the timing, at least 10 million cards could be at risk. This is much larger than the 1.5 million that Global Payments is estimating, another discrepancy that seems odd. In this business, trust is huge, and all the questions swirling around Global Payments in regards to this recent breach are unsettling, to say the least.

To its credit, Heartland instituted a new payment system for merchants that heightened credit card information security within two years of its security break. Time will tell if Global Payments does the same, or even if it is able to ride out the current debacle. From what I can see, the trust issue will work against the company's recovery or, possibly, its very survival.

Have you ever noticed how successful investors tend to gravitate toward financial stocks? Learn how and why they do so, as well as how you can profit from this sector, by getting our free report now. Don't hesitate; it's available right here.

At the time thisarticle was published Fool contributorAmanda Alixowns no shares in the companies mentioned above. The Motley Fool owns shares of MasterCard. Motley Fool newsletter services have recommended buying shares of Heartland Payment Systems and Visa. The Motley Fool has a disclosure policy.We Fools may not all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. Try any of our Foolish newsletter services free for 30 days.

Copyright © 1995 - 2012 The Motley Fool, LLC. All rights reserved. The Motley Fool has a disclosure policy.