Cybercriminals have gained access to millions of credit card transaction details, a US electronic payments processing company has revealed.
Forensic investigators have uncovered malicious software that compromised data that crossed the network at Heartland Payments Systems, the company said in a statement.
The number of credit card details exposed by the intrusion has not been disclosed, but Heartland handles around 100 million transactions a month for 250,000 US organisations.
In light of these numbers, the Heartland data breach could far exceed the 45 million identities stolen from nine US retailers including TJX in 2007.
"We understand that this incident may be the result of a widespread global cyber fraud operation," said Robert Baldwin, president and CFO at Heartland.
The company is co-operating closely with the US Secret Service and Department of Justice, he said.
No merchant data or cardholder social security numbers or contact details were involved in the breach, the company said.
Heartland conducted the investigation after alerts last week from Visa and MasterCard of suspicious activities connected with credit card transactions.
The company said the security breach has been contained, but advised cardholders to examine their statements closely and report any suspicious activity to card issuers.