|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dataloss] CardSystems Settles FTC Charges
From: lyger (lyger
attrition.org)
Date: Thu Feb 23 2006 - 20:17:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
In the case of CardSystems and their new companies, it might be because
VISA is no longer doing business with them?
http://attrition.org/errata/dataloss/cardsystems04.html
What suprises me is that ChoicePoint was hit with a $15 million settlement
and CardSystems, which was a much larger breach in terms of people
affected, only has to "implement a comprehensive security program" and
undergo ten audits over the next twenty years.
On Thu, 23 Feb 2006, Adrian Sanabria wrote:
": " That doesn't make sense, unless I'm missing something...
": "
": " VISA's PCI requirements require ANNUAL audits by an external auditor
": " already. So what good are the FTC's requirements if more stringent
": " ones were already in place by VISA?
": "
": " Why not just require this of all companies handling large amounts of
": " sensitive financial data?
": "
": " It is too little, too late, and the FTC is missing a big opportunity
": " to make a real difference. Everyone suprised?
_______________________________________________
Dataloss mailing list
Datalossattrition.org
https://attrition.org/mailman/listinfo/dataloss
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]