Based on the investigation to date, the Company continues to believe that a limited portion of its North American card processing system was affected. As discussed in our earlier announcement, the Company's continuing forensic investigation confirms that actual card numbers that may have been exported did not exceed 1,500,000. The Company has, however, provided a larger quantity of card numbers to industry brands to enable them to proactively monitor cardholder activity. The evidence continues to indicate that the potential card exportation was limited to Track 2 data.
The Company's ongoing investigation recently revealed potential unauthorized access to servers containing personal information collected from a subset of merchant applicants. It is unclear whether the intruders looked at or took any personal information from the Company's systems; however, the Company will notify potentially-affected individuals in the coming days with helpful information and make available credit monitoring and identity protection insurance at no cost. The notifications are unrelated to cardholder data and pertain to individuals associated with a subset of the Company's U.S. merchant applicants.
The Company believes that this incident is contained. The Company has made substantial progress in its investigation and remediation efforts and plans to provide additional information regarding the potential financial impact, the PCI compliance process and the status of the investigation not later than its
Additional information is available at www.2012infosecurityupdate.com.
This announcement may contain certain forward-looking statements within the meaning of the "safe-harbor" provisions of the Private Securities Litigation Reform Act of 1995. Statements that are not historical facts, including management's expectations regarding future events and developments, are forward-looking statements and are subject to significant risks and uncertainties. Important factors that may cause actual events or results to differ materially from those anticipated by such forward-looking statements include the following: further results of the continuing investigation of the unauthorized access of our processing system, including the discovery of additional card data or information implicated in the incident; the effect of our remediation efforts on operations; the impact of fines or penalties from the card networks and state authorities on our results of operations; and other risks detailed in the company's
Investor Relations Contact: