American supermarket chain Schnucks says that around 2.4 million cards may have been compromised by a data breach which saw crooks install malware on its systems.
It goes without saying - if they say they've been certified as PCI compliant, then how can malware be accessing [encrypted] Cardnumber & Expiry Date?
Cleverly crafted malware can do all kinds of things, including decrypting data. PCI is a good starting point, but unfortunately not a guarantee that you won't be hacked. Anyone believing into any kind of certificate as a proof of absolute protection might
as well believe in Santa Claus and the Easter Bunny ...
At what point are retailers going to realize using the Internet as the datacom solution for POS transactions is simply not worth the risk?
Competitive PackageLondon, UK
© Finextra Research 2015