(From CBS News MoneyWatch) -- MasterCard said Friday it is investigating whether cardholder account data has been improperly accessed.
The payments company said the possible breach involves an undisclosed transaction-processing company in the U.S. and that MasterCard's own systems have not been compromised "in any manner." MasterCard said it has alerted law enforcement authorities about the incident.
"The incident is currently the subject of an ongoing forensic review by an independent data-security organization," a MasterCard spokesman said in a statement. "MasterCard is concerned whenever there is any possibility that cardholders could be inconvenienced, and we continue to both monitor this event and take steps to safeguard account information. "If cardholders have any concerns about their individual accounts, they should contact their issuing financial institution."
A blog, Krebs on Security, reported today that MasterCard and Visa (V) late last week started warning banks that certain cards may have been breached. Citing financial industry sources, the blog said more than 10 million card numbers may have been exposed. The breach reportedly took place between Jan. 21, 2012, and Feb. 25, 2012, and involved data that could be used to counterfeit cards, according to Krebs on Security.
A Visa representative did not immediately return a call for comment. "Visa Inc. is aware of a potential data compromise incident at a third-party entity affecting card account information from all major card brands," the company said in a statement. "There has been no breach of Visa systems, including its core processing network VisaNet. Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards."
Trading in shares of credit-card processor Global Payments (GPN), was halted after The Wall Street Journal linked the company to the data breach. The stock fell 9.1 percent when trading was stopped.