What is it going to take to change the thinking of the corporates on this? We all know it's "when" and not "if" but they think its the other way around. Will some mega-billion dollar class-action lawsuit be needed? Or maybe some common sense that if you do care about your customers, you will take the proper steps from the highest member of management to the lowest member of the hotel/business staff.
Trump confirms carders raided Las Vegas hotel sales tills
Trump Hotel Collection has confirmed in a letter to customers that IT security at one of its Las Vegas hotels was breached. News emerged in July of a possible breach at the US chain owned by real estate magnate and Republican candidate Donald Trump. It was suspected at the time based on intelligence from bank fraud sleuths …
COMMENTS
-
Tuesday 29th September 2015 03:13 GMT Spaceman Spiff
Most of these vulnerable POS systems run some version of Microsoft Windows - usually XP. Are we surprised they were hacked? Not even slightly! There are POS systems built on hardened operating systems such as QNX and Linux that are very hard to hack, especially QNX, which is used in safety and security critical systems, such as nuclear power plant control systems.
-
Tuesday 29th September 2015 04:02 GMT Neoc
Correct me if I'm wrong
I believe that the CCV is supposed to be used *once* to confirm a new credit card number. The card number gets stored but I believe the CCV is not legally meant to be stored in a database.
If my recollection is true, and the CCV *was* stored in the system, wouldn't this be a egregious legal breach?
<edit> Ah, never mind. I just re-read the article and it wasn't (just?) the database that was breached but the system which accepted CC information for processing... which would include CCVs.