Sam's Club credit security breach?



When I saw a story on incidents.org with the title PCI Compliance, I wondered what SANS was doing covering a hardware standard… oops. PCI in this case means Payment Card Industry. It turns out that Sam's Club has had a security breach that has exposed customers' credit card information. The data seems to have been pinched from those buying gas between Sept. 21st and Oct. 2nd.


Details on CISP (Cardholder Information Security Program) and the PCI standard here from Visa. One of the questions that this issue will raise is how card companies enforce PCI compliance, and whether the same rules will apply to large operations as to smaller ones.

I’ve read the PCI requirements and it seems a reasonable approach to making sure systems dealing with credit card information are kept secure.

My big question is how those points are policed/enforced.
