Sunday, March 30, 2008

Compliance does not ensure security

It has once again been documented that compliance does not necessarily mean security. It was recently reported that a company has been the victim of an exploit that captured its customers' credit card information. According to the NYTimes, Hannaford Bros. Co., whose supermarkets are located across the Northeast and in Florida, experienced a massive data breach that compromised up to 4.2 million credit and debit cards, the company said Friday.

Although we have seen similar incidents before, such as the TJ Maxx data breach, this breach is the first one in which the data was stolen during transmission.

Beyond the usual take-aways, I think the most important take-away from this case is that compliance does not ensure security. The NYTimes reports that Hannaford Bros. Co. was in compliance with the security standards required by the Payment Card Industry, a coalition founded by the credit card companies.