PCI DSS Archive
In January, Ascension’s server suffered a security lapse that allowed information on 24 million bank, mortgage and other loans to be accessed online. The server contained decades worth of data, but was not password protected. The lack of security allowed …
Attorney General of North Carolina Josh Stein and House Representative Jason Saine have introduced the “Strengthen North Carolina Identity Theft Protection Act,” mandating organizations to report data breaches within 30 days. What does the Act say? The Act updates the …
Oklahoma might have been “O.K.” in Rodgers and Hammerstein’s 1943 Pulitzer Prize-winning Broadway musical, but the state’s cybersecurity standards certainly aren’t. On January 16, the ODS (Oklahoma Department of Securities), which oversees and regulates Oklahoma’s securities business, announced “an incident …
Black Friday and Cyber Monday are almost upon us. Let the shopping begin! However, the flurry of purchases and the data that they represent means cybercriminals will also be looking to cash in. What are the risks? As well as genuine …
In the middle of a market suffering lower-than-expected earnings reports, two tech companies stand out for their approaches to privacy. Google, which recently shuttered its social media service Google Plus following a major data breach, is now under scrutiny from …
The PCI DSS (Payment Card Industry Data Security Standard)was created in 2004 by American Express, Discover, Mastercard, Visa and JCB. It is a set of policies and procedures intended to optimize the security of credit, debit, and cash card transactions and protect cardholders against misuse of their personal information. It applies to …
The FBI has warned U.S. banks that cyber criminals are planning a global cash-out blitz at ATMs. Criminals plan to hack bank or payment card processors and use cloned cards at ATMs around the world to fraudulently withdraw millions of …
Keeping cardholder data secure can be incredibly difficult, but have you tried… not storing so much information? You’d be surprised at how effective that apparently flippant advice is. Organizations often store more information than they need, making security trickier than …
The best advice when dealing with cardholder data is always that ‘if you don’t need cardholder data, don’t store it’. This will go a long way to reducing the scope and is easier to achieve than it might appear. There …
A new type of malware, which disguises itself as a service pack for remote connectivity software service LogMeIn, steals payment card data from point-of-sale (POS) systems, according to researchers at Forcepoint Labs. The researchers spotted the malware – dubbed ‘UDPOS’ …
