|
Visa Removes Heartland, RBS Worldpay from PCI List |
|
|
|
Heartland Payment Systems and RBS Worldpay have been removed from Visa Inc.'s list of PCI compliant service providers and will have to undergo new PCI assessments and reapply for inclusion on the compliance list, according to a Visa announcement.
Visa's action came after the two companies revealed they were victimized by hackers who managed to plant malicious software in the companies' internal processing systems and steal card data from the unencrypted data stream. |
|
Read more...
|
|
When the PCI Security Standards Council convenes its annual Community meeting Spetember 21-23 in Orlando, the major topic for discussion will be the new version of the PCI standard, which will be unveiled just prior to the meeting and will take effect in January.
Dubbed PCI 2.0, the latest iteration of the PCI requirements won't add any major new wrinkles, according to the Council, but will address what PCI requires in terms of enterprise-wide security, including new requirements with regard to "scoping." That's the process of locating where sensitive cardholder data resides within a network, and whichlocations are subject to PCI.
The new standards will be made public in September, prior to the Annual Community Meeting and following discussions there, will be released in final form sometime in October, with an effective date of January 1.
ETA's Compliance Day, which covers PCI along with broader aspects of compliance, has been colocated with the PCI meeting to allow participants to take part in both meetings if they choose. Compliance Day is September 21. Details are available here. |
|
|
Visa Says No New Breach After All |
|
|
|
In a statement issued February 27, Visa said that alerts recently sent to banks and credit unions warning them about a compromise at a payment processor were related to the ongoing investigation of a previously known breach, rather than a new incident.
|
|
Read more...
|
|
|
Visa Confirms Another Payment Processor Breach |
|
|
|
Another payment processor has fallen victim to hackers, according to SC Magazine,a tyrade publication for IT security professionals. The magazine reported that the breach was confirmed by Visa in a conference call Feb.23, but the identity of the processor was not revealed.
Visa and MasterCard repotedly are notifying banks about accounts impacted by a "major compromise," unrelated to the massive Heartland Payment Systems incident announced last month, according to a number of credit unions and banking associations, the magazine said.
The hackers apparently breached the processor in the same way they infiltrated Heartland -- by placing malicious software on the network, according to an alert from the Pennsylvania Credit Union Association.
|
|
Read more...
|
|
|
Wyndham Hotels Breach Revealed |
|
|
|
Hackers broke into a computer at Wyndham Hotels and Resorts last July and stole tens of thousands of customer credit card numbers, the hotel chain has warned.
The break-in occurred at a property belonging to a Wyndham franchisee, but that computer was linked to other company systems. "That intrusion enabled a hacker to use the company server to search for customer information located at other franchised and managed property sites," the company said in a statement disclosing the breach.
|
|
Read more...
|
|
|
|
