Articles

RSS

Click Here To Download:
•White Paper: Shopping For A Secure File Transfer Solution For Retail

By Ipswitch, Inc.

In March 2008, the Hannaford grocery chain acknowledged that 4.2 million credit and debit cards used at its stores in six states were compromised over a three-month period. According to Hannaford, malware loaded onto more than 300 servers resulted in card numbers and expiration dates being transferred overseas while in transit at the point of sale scanner. The attack occurred even though Hannaford had received Payment Card Industry Data Security Standard (PCI DSS) certification, and ironically was underway at the time the PCI DSS audit was being conducted. The company is currently spending millions of dollars to enhance the security of its data network.

Over a period of 18 months during 2005 to 2007, hackers gained access to major worldwide retailer TJX's networks and stole more than 94 million credit cards. This high-profile breach became the poster child for lax corporate security practices, irreparably damaging TJX's reputation. SEC filings indicate that the total cost of the security breach could top $250M, with the financial aftermath affecting TJX through 2010.

In response to these challenges, American Express, Discover, JCB, MasterCard, and Visa agreed in 2004 to create industry standards to help prevent theft of consumers' data. The five companies merged their separate data security programs to form an independent council to manage PCI DSS and secure payment account data in a globally consistent manner. The PCI DSS standards require any organization that accepts, stores, communicates, or processes credit card transactions to protect the security, privacy, and confidentiality of cardholder information, and track who accesses it and the security measures taken to prevent theft, loss, or accidental disclosure.

Click Here To Download:
•White Paper: Shopping For A Secure File Transfer Solution For Retail