Update: RBS and Heartland delisted from PCI-DSS

Posted by Keith McMillan

March 17, 2009 | Leave a Comment

The Register has an article on the Payment Card Industry decertifying Heartland Payment Systems and RBS World Pay from their Data Security Standard.  As of now, those two entites that suffered the most recent, and dare one say huge, security breaches, are no longer able to do business with PCI merchants.

I wrote before (The New Computer Hacking Game) that it was a amazing to me that a company could be PCI-DSS certified and have an ongoing breaches as Heartland, and apparently RBS, did.  It seems I’m not alone in being incredulous, as the Reg observes:

The ability of attackers to penetrate both companies while they were in good standing with the PCI guidelines has prompted some to criticize them as little more than a rubber stamp designed to make the public feel more comfortable using credit cards.

It would be nice to have something positive come out of this, other than getting new credit cards where the shinyness hasn’t worn off the numbers yet…

via [The Register]


RSS feed | Trackback URI

Comments »

No comments yet.

Name (required)
E-mail (required - never shown publicly)
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> in your comment.