Atlanta-based RBS WorldPay processes electronic payments, such as debit, credit and ATM transactions. It also processes gift card and payroll card transactions.
An unauthorized user accessed the company's computer system, and personal information of 1.5 million gift card and payroll cardholders may have been compromised, a company spokesman told SCMagazineUS.com on Monday. Personal information of payroll cardholders – including names, addresses, dates of birth, Social Security numbers – may have been accessed.
The compromised data includes the Social Security numbers of as many as 1.1 million users, the company said in a statement on its website.
Since the breach, identified Nov. 10, there have been approximately 100 instances of actual fraud, where cards were used to conduct fraudulent transactions. Victims will not be held financially responsible for fraudulent withdrawals, the spokesman said.
The company is currently working with law enforcement and federal regulators in an investigation. WorldPay has notified by letter affected individuals and has offered a free one-year credit monitoring subscription to most of the 1.1 million victims whose Social Security numbers were potentially accessed.
The statement said the gift cards that already were purchased retain their value and can be used wherever they are accepted by merchants. The company is now working to get affected gift cards that have not yet been purchased off of store shelves.