SEARCH RESULTS
 
Showing 1-10 of 19 records
 
Expand article

Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...merchant, over a merchant that isnt PCI compliant, will reduce your chance of having your credit card data stolen isnt always accurate Now Im not saying PCI isnt important, after all this breach may have never been found if PCI measures werent put in place, but enterprises have to look beyond the task of being compliance and take whatever...
 
Tags: pci compliance, compliant, pci compliant merchant, pci, pci compliance statement, merchant, pci compliant, pci dss, pci compliance measures
 
 
 
 
Expand article

Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...merchant, over a merchant that isn???t PCI compliant, will reduce your chance of having your credit card data stolen isn???t always accurate Now I???m not saying PCI isn???t important, after all this breach may have never been found if PCI measures weren???t put in place, but enterprises have to look beyond the task of being compliance and...
 
Tags: pci compliance, compliant, pci compliant merchant, pci, pci compliance statement, merchant, pci compliant, pci dss, pci compliance measures
 
 
 
 
Expand article

Montgomery Ward breached, no notification obligation?

The Article has images
2008-06-27 23:45:03 by Evan Francen in The Breach Blog
...merchant CardCops then intercepted several hundred of the records, along with the online handles belonging to hackers whose real names remain unknown Along with the card numbers, their three-digit "security codes" and expiration dates, the thieves had the cardholders' names, addresses and phone numbers The data had been organized in the...
 
Tags: card companies, companies, services, services closely, credit card companies, services retail properties, financial company citigroup, company, montgomery ward
 
 
 
 
Expand article

KimsCrafts e-commerce breach affects 4,500

The Article has images
2007-12-14 16:08:39 by Evan Francen in The Breach Blog
...merchant " according to VISA. As a Level 4 merchant, KimsCrafts is required to complete an annual PCI Self-Assessment Questionnaire and quarterly network scans (by an "Approved Scanning Vendor"). I wonder if KimsCrafts was complying prior to this breach report. If they were, then this leads to questions about why the Approved Scanning Vendor...
 
Tags: kimscrafts, breach, e-commerce, credit file, credit, credit card data, kimscrafts e-commerce site, data, data security firm
 
 
 
 
Expand article

Confidential information sent to PinPay.net and SoftCard.biz is exposed

The Article has images
2008-05-08 13:26:03 by Evan Francen in The Breach Blog
...Merchants, Agents and customers Number Affected Unknown Types of Data Name, mailing address, phone number, email address, date of birth, city of birth, sex, and one or more of the following (chosen from drop-down Passport Voting ID card PAN card Driving License card Government issued ID card Social Security Card Military ID card Consular...
 
Tags: information, drivers license card, license card, card, free card, social security card, sensitive information, sensitive personal information, encrypt sensitive information
 
 
 
 
Expand article

Altman Weil online store compromised

The Article has images
2008-06-16 15:27:28 by Evan Francen in The Breach Blog
...Merchant Bank, Bryn Mawr Trust of the potential security breach On May 16, 2008, learned that Bryn Mawr Trust outsources the actual credit card functions of the Merchant Bank to TransFirst On May 16, 2008, contacted TransFirst and notified it of the potential security breach and was informed that it would notify the three credit card...
 
Tags: altman weil, breach description, breach, security breach, altman weil immediately, altman weil customers, credit card information, potential security breach, information
 
 
 
 
Expand article

Do you trust the merchants to protect your credit cards?

2007-12-11 09:01:26 by Khalid Kark in Security & Risk Management
 
...merchants to store complete card numbers. Currently, some merchants are required to keep credit card numbers for up to 18 months to satisfy card retrieval and dispute requests. The letter said, "Instead of making the industry jump through hoops to create an impenetrable fortress, retailers want to eliminate the incentive for hackers to break...
 
Tags: card industry, card, payment card industry, credit card, merchants, credit card companies, provide merchants, merchants change, security
 
 
 
 
Expand article

S&K Menswear two-phased attack

The Article has images
2008-01-03 10:40:36 by Evan Francen in The Breach Blog
...Merchant . Is it safe to assume that S&K is PCI DSS compliant? It sounds like they don't store prohibited data (CVV2, Full Magnetic Stripe, or PIN / PIN Block), but only 55% of Level 3 Merchants are PCI DSS validated as of 9/30/07 . It should be easier for customers to find the status of an organization's compliance and information security...
 
Tags: information, personal information, information security practices, notification, information security, breach notification letter, sample customer letter, credit card, credit card data
 
 
 
 
Expand article

When Will the Media Industry Embrace the BORA Principle?

2007-03-22 10:06:00 by Eric Marvets in The Security Samurai
 
...merchant agreements that left stores 100% liable for fraud, companies like Amazon accepted the increased risk and allowed the credit card industry to ultimately be successful. By 1998, Visas sales volume had tripled which cut fraud as a percentage nearly in half Credit cards went from being used for credit to being used for convenience (what...
 
Tags: credit card, credit, credit card industry, credit card fraud, industry, media industry, cut fraud, fraud, credit cards
 
 
 
 
Expand article

Sitting on your hands is not an option - FUD, Compliance, what will it take to sell security?

2008-03-13 00:17:43 by HASH0x84729f8 in StillSecure, After All These Years
 
...merchant world security business and I don't think we have seen it peek yet. Yes, how sweet it is But what is next for the security industry? What is going to make people buy security next. Can we rely on the next gimmick or sales angle? Will there be a new statute, rule or regulation? Will a security breach scare the rest of us into doing...
 
Tags: security breach, security breach scare, security, security breach cost, security purchase, security industry, provide security,