2. GLOBAL PAYMENT:
ABOUT THE COMPANY.
• A Fortune 1000 corporation
• Provide electronic transaction processing services for
• Merchants,
• Financial institutions
• Government agencies
• Independent Sales Organizations (ISOs)
• Multi-national corporations.
• Business throughout the United States, Canada, United
Kingdom, Europe, Spain, Russian and the Asia-Pacific region.
3. GLOBAL PAYMENTS:
ABOUT THE COMPANY.
• Business: Offer processing solutions for
• Credit and debit cards
• Business-to-business purchasing cards
• Gift cards
• Electronic check services
• Internet services, etc.
• Process approximately five billion transactions per year.
• Global Payments is not a well-known corporation
• Card-processing middleman between merchants and banks
• Global Payment handles $120.6 billion of transactions rung up
on Visa and MasterCard
4. THE CRISIS: CREDIT
CARD DATA BREACH.
• March 30, 2012. The crisis broke out from blog: Krebs on
Security.
• Soon afterwards, the events drew attention of multiple
newspapers, BBC News, and The Wall Street Journal, etc.
• Information of more than 1.5 million credit cards, including
MasterCard, Visa, and American Express, might have been
theft by hackers.
• The information may include card number, expiration date, and
security code, The Company’s share price dropped
dramatically.
• Global Payments’ fiscal first-quarter earnings fell 27% because
of the continued remediation charges related to the security
breach.
5. TWO STAGES OF RESPONSES
OF GLOBAL PAYMENT
Early stage:
• Right after the breaking out of the crisis, Global Payments did a
good job to convince people that the situation is “ absolutely
contained”
• The immediate response of the CEO
• Convince people that the breach situation was not as bad as
people imagined
• Immediately promised to set up a website to help consumers who
might be affected by the breach
• Commitment that the Global Payments will “continue to work with
regulars, industry third parties and law enforcement to help in the
effort to minimize the potential impact on credit cardholders.
6. TWO STAGES OF RESPONSES
OF GLOBAL PAYMENT
Three months later:
• The result of this event was not clear about what type and
quantity of consumers’ personal information has been stolen.
• It also failed to identify the customers that had been affected.
• The result of Global Payment’s investigation was too vague to
answer any substantial.
• This awkward situation made Global Payments’ promise
become empty talk, which disappointed both media and
customers.
7. RESPONSES OF
STAKEHOLDERS
Banks:
• Stepped up monitoring and would alert consumers to any
suspicious activity, issuing new cards as warranted.
• Encourage customers to monitor their accounts and contact
them if they do not recognize a transaction on their account
Visa and MasterCard:
• Declared that their own systems are safe
• Took actions to notify their customers to be cautious.
• Visa also dropped Global Payments from its list of approved
service providers
8. VARIOUS OTHER
STAKEHOLDERS
• The experts: worried about the over security of card industry.
• The privacy protectors: concerning the “Debit cards, which
have fewer protections than credit cards, should be very
closely watched.”
• The attorney: concerning the state law may affect the zero-
liability policy.
9. THE TWO DIFFERENT ATTITUDES
OF MEDIA RESPONSES
• Early stage, neutral attitude of media
• Three months later, generally unhappy about Global
Payment’s investigation results, because the results cannot
provide any accurately answer to any question that they
concerned
• How exactly does the intrusion of data occur?
• When did the data intrusion occur?
• How many accounts were affected?
• What type of data was accessed?
• What will Global's remediation efforts include?
10. THE RESPONSES OF
CUSTOMERS
• People have strong willing to be informed after the breach.
They were expecting that the company could provide more
accurate information regarding the
• People also think the company does not make enough effort to
protect customers’ information.
11. RECOMMENDATIONS
• First of all, Global Payment should justify its management
strategies to spend more money on information security.
• Secondly, in the response process, Global Payments should
provide accurate report about this crisis, and avoid unclear
terms.
• Thirdly, understand that the responses of a crisis are long-term
tasks.