In actuality, Visa said in a statement issued Friday, alerts that it sent recently to banks and credit unions warning them about a compromise at a payment processor were related to the ongoing investigation of a previously known breach. However, Visa still didn't disclose the identity of the breached company, nor say why it is continuing to keep the name under wraps.

Visa said that it had sent lists of credit and debit card numbers found to have been compromised as part of the investigation to financial institutions "so they can take steps to protect consumers." It added that it currently "is risk-scoring all transactions in real-time, helping card issuers better distinguish fraudulent transactions from legitimate ones."

Visa's latest statement follows ones issued by both it and MasterCard International Inc. earlier this week in response to questions about breach notices that had been posted by several credit unions and banking associations. The notices made it clear that they weren't referring to the on Jan. 20 and suggested that a new breach had occurred.

Visa's initial statement, and the one from MasterCard, were both carefully worded; neither said specifically that the breach being referred to was a new one, but they also didn't say that it was a previously disclosed incident. Visa said it was "aware that a processor has experienced a compromise of payment card account information from its systems," while MasterCard said it had notified card issuers of a "potential security breach" affecting a payment processor in the U.S.

MasterCard officials didn't respond Friday to requests seeking clarification on whether its statement referred to a previous breach or a new one.