The breach happened when someone hacked into a credit-card processing company. Mastercard is not saying how many cardholders, banks of issuing companies are affected, but reports put it anywhere between 50,000 to 10 million.
The credit-card company has notified law enforcement agencies and issuers of the MasterCard accounts that have been compromised.
"MasterCard is concerned whenever there is any possibility that cardholders could be inconvenienced and we continue to both monitor this event and take steps to safeguard account information," the company said in a statement.
MasterCard and Visa officials say the security breach happened not within their systems, but at an Atlanta-based credit-card processor that handles accounts for the two companies. MasterCard says its own systems have not been compromised.
"We see this kind of breach occurring fairly frequently. In the past couple of years, there have been about two or three of these," said Dr. Clifford Neuman of the USC Center for Computer Systems Security.
Neuman says no credit card system is foolproof, though there are inherent problems with the American system that lead to cardholder headaches.
"There's weaknesses in the way that our credit cards in the U.S. typically are set up. They're fairly easy to copy, they're not using real high-tech solutions to prevent the copying of that data," Neuman said.
The good news is credit-card users are not responsible for fraudulent charges. Neuman says some cardholders may now have to deal with the inconvenience of switching account numbers, and every MasterCard or Visa cardholder should be a bit more vigilant.
The Associated Press contributed to this report.