The “Other” Processor Breach Lurking In The Shadows
Written by Evan SchumanIt’s been clear for a few weeks now that there has been another major credit card processor breach—above and beyond Heartland–lurking in the retail financial shadows. But the processor (along with co-conspirators Visa and MasterCard) has remained silent and, for the moment, unidentified. One report said that the breach appeared to be limited to “card not present” transactions, which certainly suggests an E-Commerce-only aspect.
StorefrontBacktalk has been in a quandary on this one for weeks, as it seemed pointless to run a story in which we couldn’t say who the processor was, how the breach happened, what the breach accessed or, well, pretty much anything else. But as more media outlets report that there has been another processor breach of some sort, staying silent started to seem ridiculous.
-Marc
February 25th, 2009 at 4:13 pm
We’ll probably be seeing more large breaches in the future. PCI DSS is a good starting point for security, and it seems to be gradually increasing the level of security that it requires over time, but it’s still not enough to ensure serous protection of sensitve cardholder data that withstand an attack by determined and well-equipped adversaries.
February 26th, 2009 at 11:21 am
What scares me most is “why” this breach has not been made public. Doesn’t the public still have a right to know? I suspect the reason is because this news (of what may be the largest breach is U.S. history) would come at a time when the Money Center Banks are in crisis, the stock market is at a 10 year low, and Washington is trying to pass the largest budget we’ve ever seen. I’m probably in the minority, but I’d sure like to have the bad news now, rather than waiting until someone (at the processor, or worse yet – the card brands) thinks “the time is right,” to unload this news. Just rip the tape off, already. Let’s get all the bad news behind us – now.