On August 23, Mastercard’s European business unit disclosed a data breach affecting approximately 90,000 Belgian and German customers of its German Priceless Specials loyalty program. The breach exposed sensitive customer data including names, addresses and credit card numbers. According to the company, the incident was the result of a breach experienced by the third-party provider that manages Mastercard’s loyalty program in the region.

To Mastercard’s credit, the company notified regulators and customers of the loyalty program breach quickly and moved swiftly to secure customer data by suspending the loyalty program website and removing customer information that had been published on the internet. The company is also offering free credit monitoring services to affected customers.

Despite these steps, Mastercard could still face consequences. While a third-party was responsible for the breach, Mastercard could still be subject to significant fines under GDPR. The breach could also have even more damaging and long-term financial consequences for the company, with the potential reputational damage and customer trust.

This breach at Mastercard is just the latest example of the importance of ensuring security and compliance, not only for your own company, but for any third-party that has access to customer data. To truly ensure your customers are protected, all touchpoints must be secured.

PCI Pal’s solutions can help your company and the organizations you work with ensure sensitive information is secured, descoping your contact center so that sensitive cardholder data never reaches your environment and isn’t accessible to hackers. Contact us today to find out how PCI Pal can help protect you and your customers from becoming the next data breach victim.