| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <605f8e050908130658r19063a98g343cbe1b103ef27b@mail.gmail.com> Date: Thu, 13 Aug 2009 09:58:31 -0400 From: Jeffrey Walton <noloader@...il.com> To: Security Focus <security-basics@...urityfocus.com>, "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com> Subject: Fwd: Follow-up: Heartland CEO on Data Breach: QSAs Let Us Down >From the folks at Attrition and the DatalossDB. ---------- Forwarded message ---------- From: security curmudgeon <jericho@...rition.org> Date: Aug 12, 2009 4:22 PM Subject: Follow-up: Heartland CEO on Data Breach: QSAs Let Us Down To: dataloss-discuss@...alossdb.org, dataloss@...alossdb.org http://www.csoonline.com/article/499527/Heartland_CEO_on_Data_Breach_QSAs_Let_Us_Down Heartland CEO on Data Breach: QSAs Let Us Down Heartland Payment Systems Inc. CEO Robert Carr opens up about his company's data security breach, how compliance auditors failed to flag key attack vectors and what the big lessons are for other companies. By Bill Brenner, Senior Editor August 12, 2009 CSO For Heartland Payment Systems Inc. CEO Robert Carr, the year did not start off well, to say the least. In January, the Princeton, N.J.-based provider of credit and debit processing, payment and check management services was forced to acknowledge it had been the target of a data breach -- in hindsight, possibly the largest to date with 100 million credit and debit cards exposed to fraud. In the following Q&A, Carr opens up about his company's data security breach. He explains how, in his opinion, PCI compliance auditors failed the company, how informing customers of the breach before the media had a chance to was the best response, and how other companies can avoid the pain Heartland has experienced. [..]
Powered by blists - more mailing lists