Global Payments, a major Atlanta-based credit card processing company, disclosed in March 2012 that it had suffered a data breach affecting approximately 1.5 million credit and debit card accounts. The attackers stole track 1 and track 2 data — the full magnetic stripe information required to clone physical payment cards. Following disclosure, Visa temporarily removed Global Payments from its list of PCI-DSS compliant service providers — a severe industry sanction. Global Payments spent approximately $84.4 million responding to the breach. The company was eventually restored to PCI-DSS compliance. The breach occurred despite Global Payments’ status as a large, established payment processor that was supposedly compliant with industry security standards, reinforcing criticism that PCI-DSS compliance is a snapshot assessment that doesn’t guarantee real-time security.