Credit Card Processor: We Goofed

(CBS/AP)  The head of the credit card processing company whose computer system was breached by hackers, exposing millions of credit card accounts, has acknowledged that his firm should not have been keeping the consumer records in the first place.

The official, John Perry, chief executive of Atlanta-based CardSystems Solutions Inc., said that the records known to have been stolen covered roughly 200,000 of the 40 million compromised credit card accounts, from Visa, MasterCard, and other companies.

"This particular company, CardSystems, processes $15 billion in transactions a year. This is huge," .

Perry said the data was being stored for "research purposes" to determine why some transactions had registered as unauthorized or uncompleted. "We should not have been doing that," Perry said in Monday's editions of The New York Times.

Under rules established by Visa and MasterCard, processors cannot retain cardholder information after handling transactions.

"CardSystems provides services and is supposed to pass that information on to the banks and not keep it," Joshua Peirez, a MasterCard official, told the Times. "They were keeping it."

The security breach was first reported Friday when MasterCard International Inc. said computer hackers may have accessed more than 40 million credit card accounts. About 13.9 million were from MasterCard accounts.

"Because MasterCard has been on top of it pretty much, we're not recommending that people cancel accounts. Wait until you hear from your issuer," said McGirt. "But everybody needs to be vigilant. This is a time when the consumer needs to be checking their credit reports and opening their mail. All the things that we should be doing anyway to make sure there's no suspicious activity."

Reporting fraudulent use of a credit card limits the cardholder's responsibility to $50.

"But it's a hassle. It's a huge hassle," said McGirt. "The onus of responsibility is on you to document that these were not your charges. That's where it gets tough."