[Owasp-codereview] [Owasp-ireland] Potential of 4.2 million credit card details stolenvia cyber attack.
brian.honan at bhconsulting.ie
Tue Mar 25 07:02:14 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Sorry I forgot to say in my last mail.
Who is to blame? Well while everyone points the fingers at
Hannafords, the PCI assessors and VISA/Mastercard themselves - I
suggest we look at the criminals who conducted the breach. After all
if someone breaks into my house, is that my fault? my alarm company's
fault? or that of the lock manufacturers? or is it the criminal who
committed the burglary?
Helping You Piece IT Together
E: brian.honan at bhconsulting.ie
Supporting Global Security Week http://www.globalsecurityweek.com
This message is for the named person's use only. If you received this
message in error, please immediately delete it and all copies and
notify the sender. You must not, directly or indirectly, use,
disclose, distribute, print, or copy any part of this message if you
are not the intended recipient. Any views expressed in this message
are those of the individual sender and not of BH Consulting.
BH Consulting is a registered trade name for BH IT Consulting
Limited, Company Registration Number: 393479 with registered offices
at Suite B011, The LINC Centre, Blanchardstown Road North, Dublin 15.
From: owasp-ireland-bounces at lists.owasp.org
[mailto:owasp-ireland-bounces at lists.owasp.org] On Behalf Of Eoin
Sent: 25 March 2008 10:26
To: owasp-ireland at lists.owasp.org; Owasp-codereview at lists.owasp.org;
owasp-testing at lists.owasp.org; owasp-leaders-bounces at lists.owasp.org
Subject: [Owasp-ireland] Potential of 4.2 million credit card details
stolenvia cyber attack.
Maybe a bit slow on this one but I'd thought I'd share it
A PCI compliant company was compromised and an estimate of 4.2
million cc numbers were obtained.
The issue arises that the company were PCI compliant and now the
blame game has ensued. The PCI assessors are being blamed, there is
mention of ambiguity regarding the PCI standard, where to apply some
of the technical controls etc..
Eoin Keary OWASP - Ireland
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
-----END PGP SIGNATURE-----
More information about the Owasp-codereview