Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Dataloss] CardSystems Settles FTC Charges
From: lyger (lygerattrition.org)
Date: Thu Feb 23 2006 - 20:17:40 CST
In the case of CardSystems and their new companies, it might be because
VISA is no longer doing business with them?
What suprises me is that ChoicePoint was hit with a $15 million settlement
and CardSystems, which was a much larger breach in terms of people
affected, only has to "implement a comprehensive security program" and
undergo ten audits over the next twenty years.
On Thu, 23 Feb 2006, Adrian Sanabria wrote:
": " That doesn't make sense, unless I'm missing something...
": " VISA's PCI requirements require ANNUAL audits by an external auditor
": " already. So what good are the FTC's requirements if more stringent
": " ones were already in place by VISA?
": " Why not just require this of all companies handling large amounts of
": " sensitive financial data?
": " It is too little, too late, and the FTC is missing a big opportunity
": " to make a real difference. Everyone suprised?
Dataloss mailing list