BreachExchange mailing list archives
PCI: A Brand, Not a Security Standard
From: security curmudgeon <jericho () attrition org>
Date: Sat, 9 May 2009 03:11:24 +0000 (UTC)
http://attrition.org/security/rants/pci/heartland01.html PCI: A Brand, Not a Security Standard Fri May 8 21:09:02 EDT 2009 security curmudgeon I am so fed up with this entire ordeal. As a customer who was twice affected by Heartland's security breach (two different cards through two institutions were re-issued because of the breach), I am disgusted with Visa and Heartland. PCI and its cheerleaders make me angry. Visa is a PCI fan because it transfers risk to their customers, and removes liability from Visa. It's in their best interest to maintain the integrity of PCI at any cost, even when that cost is violating their own integrity. How can anyone sit back and groan about this ordeal without getting mad? Visa, PCI and Heartland are as bad as Enron, as bad as the Wall Street thugs who tanked the economy, and are nothing more than wealthy criminals. I have asked Visa to comment on specific aspects of this. Attrition has had calls in to Heartland to comment on points of confusion and question. We sit here, unsatisifed, without answers and wondering why either can stay in a position of financial power. [..] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss
Current thread:
- PCI: A Brand, Not a Security Standard security curmudgeon (May 08)