BreachExchange mailing list archives
Re: CardSystems Settles FTC Charges
From: "Adrian Sanabria" <adrian.sanabria () gmail com>
Date: Thu, 23 Feb 2006 21:06:48 -0500
That doesn't make sense, unless I'm missing something... VISA's PCI requirements require ANNUAL audits by an external auditor already. So what good are the FTC's requirements if more stringent ones were already in place by VISA? Why not just require this of all companies handling large amounts of sensitive financial data? It is too little, too late, and the FTC is missing a big opportunity to make a real difference. Everyone suprised? On 2/23/06, lyger <lyger () attrition org> wrote:
http://www.ftc.gov/opa/2006/02/cardsystems_r.htm In the largest known compromise of financial data to date, CardSystems Solutions, Inc. and its successor, Solidus Networks, Inc., doing business as Pay By Touch Solutions, have agreed to settle Federal Trade Commission charges that CardSystems' failure to take appropriate security measures to protect the sensitive information of tens of millions of consumers was an unfair practice that violated federal law. According to the FTC, the security breach resulted in millions of dollars in fraudulent purchases. The settlement will require CardSystems and Pay By Touch to implement a comprehensive information security program and obtain audits by an independent third-party security professional every other year for 20 years. [...] _______________________________________________ Dataloss mailing list Dataloss () attrition org https://attrition.org/mailman/listinfo/dataloss
_______________________________________________ Dataloss mailing list Dataloss () attrition org https://attrition.org/mailman/listinfo/dataloss
Current thread:
- CardSystems Settles FTC Charges lyger (Feb 23)
- Re: CardSystems Settles FTC Charges Adrian Sanabria (Feb 23)
- Re: CardSystems Settles FTC Charges lyger (Feb 23)
- Re: CardSystems Settles FTC Charges Chris Walsh (Feb 23)
- Re: CardSystems Settles FTC Charges Adrian Sanabria (Feb 27)
- Re: CardSystems Settles FTC Charges lyger (Feb 23)
- Re: CardSystems Settles FTC Charges Adam Shostack (Feb 23)
- Re: CardSystems Settles FTC Charges Adrian Sanabria (Feb 23)