Up to 40 million credit card accounts were compromised, after the breach of security at Cardsystems.
The theft affected mostly Mastercard and Visa clients, but American Express and Discovery customers were also hit.
Fraudulent transactions have now emerged in Japan, where as many as 26 credit firms are linked to Mastercard.
The Japanese government warned that almost all 26 domestic credit firms may have been affected.
UFJ, one of Japan's biggest banks, said that there have been about 20 suspect transactions reported by customers at its credit card division.
UCS, a credit card firm affiliated with supermarket chain Uny, also said that more than 100 of its clients may have been affected, while there are concerns about cards issued by a number of regional banks.
In Hong Kong, lenders have warned their customers, but said that only a "small number" need worry.
At least 200,000 individual records are known to have been stolen, following the breach of security at Arizona-based Cardsystems.
Speaking in an interview with the New York Times on Monday, the chief executive of Cardsystems John Perry said that the firm had not followed security measures put in place by Mastercard and Visa.
It had held on to personal data for research purposes, instead of removing it once the transaction was complete, he said.
"We should not have been doing that," he told the New York Times.
Mastercard has sought to reassure customers, saying that social security numbers, the golden egg of personal information, had not been compromised.
News of the theft has prompted calls for greater regulation of the 500 or so firms that process credit card transactions in the US.
Full Story .