BOSTON (AP) _ Visa USA Inc. is cutting ties with the payment-processing company that left 40 million credit and debit card accounts vulnerable to hackers in one of the biggest breaches of consumer data security.
CardSystems Solutions Inc. ``has not corrected, and cannot at this point correct, the failure to provide proper data security for Visa accounts,'' Rosetta Jones, a Visa vice president, said in a statement.
She said banks that issue Visa cards would have until Oct. 31 to cease having CardSystems process payments.
Representatives for Atlanta-based CardSystems did not immediately return calls seeking comment.
Visa's statement said that while CardSystems has taken some remediating actions since the breach was disclosed, those could not overcome the fact that CardSystems had inappropriately held on to data _ purportedly for ``research purposes'' _ in violation of Visa's security rules.
While information relating to 40 million accounts was laid bare in the CardSystems computer break-in, credit card companies have said a much smaller amount, at least 200,000, were known to be stolen, primarily MasterCard and Visa cards.
Spokeswomen for MasterCard International Inc., American Express Co. and Discover Financial Services Inc. did not immediately say whether they would take similar steps to ban CardSystems.
Privately held CardSystems, whose CEO is a former Visa executive, has 115 employees in Atlanta and Tucson, Ariz., where its system was hacked. Backed by such investors as Principal Financial Group Inc., CardSystems has been in business for more than 15 years and processes more than $15 billion in payments annually.