News

Euronet reports breach of secure payment data

January 24, 2012

Euronet Worldwide Inc., a Leawood, Kansas, company that provides secure payment services, has reported a criminal computer security breach to the Securities and Exchange Commission, said a story in the Kansas City Business Journal.

The data breach, which targeted a “small portion” of Euronet’s European business in late 2011, was the company’s first, CEO Michael Brown said in an interview.

Brown said the breach affected card data in Euronet’s electronic fund transfer division. Third-party forensic investigators confirmed that the breach didn’t affect Euronet’s other business units, including its e-pay division, ATM networks or money-transfer operations.Brown said that of the electronic fund transfer division, 90 percent of the data on card transactions remained protected. He partially credited a highly secure microchip that appears on most European debit and credit cards. The chip requires a verification PIN for access.

“That worked to our advantage because when they were able to get some card data, it was card data from chip cards, and you can’t get anything out of a chip card,” he said. The 10 percent of data that became exposed stemmed from older cards that hadn’t yet been updated with the chip, Brown said.