Mar
17
Update: RBS and Heartland delisted from PCI-DSS
Posted by Keith McMillan
March 17, 2009 | Leave a Comment
The Register has an article on the Payment Card Industry decertifying Heartland Payment Systems and RBS World Pay from their Data Security Standard. As of now, those two entites that suffered the most recent, and dare one say huge, security breaches, are no longer able to do business with PCI merchants.
I wrote before (The New Computer Hacking Game) that it was a amazing to me that a company could be PCI-DSS certified and have an ongoing breaches as Heartland, and apparently RBS, did. It seems I’m not alone in being incredulous, as the Reg observes:
The ability of attackers to penetrate both companies while they were in good standing with the PCI guidelines has prompted some to criticize them as little more than a rubber stamp designed to make the public feel more comfortable using credit cards.
It would be nice to have something positive come out of this, other than getting new credit cards where the shinyness hasn’t worn off the numbers yet…
via [The Register]
Comments
Comments »
Blogroll
- Ars Technica
- Dark Reading - IT Security
- Help Net Security
- InformIT
- SANS Internet Storm Center
- Schneier on Security - Dr. Bruce Schieier’s blog
- Security Info Watch
- What to Fix - Daniel Markham, fellow consultant
- Wired Gadget Lab
- Wordpress Documentation
- WordPress Planet
- Wordpress Support Forum
No comments yet.