The retailer then made a second admittance on January 10th 2014, revealing a further 70 million consumers has been affected in the same cyber attack. Target believes criminals were able to access and steal the names, physical addresses, telephone numbers and email addresses of these customers.
PCI DSS compliance doesn't come cheap, which poses a serious problem for small businesses considering all companies that store and process payment card data need to ensure they fulfill their obligations vis-a-vis PCI DSS.
Hotels across the US are again in the information security spotlight this week, with a new advisory note issued by the Secret Service warning of an uptick in hacking attempts on guests' data.
PCI DSS compliance is essential for any company that stores and processes payment card data, but new research suggests UK awareness of the standard is still low. It's also arguably more important in the travel and accommodation sector than most others, because advance booking systems often require this information to be retained for extended periods of time.
Back in March 2014, hacking collective Anonymous carried out a 'data dump' of personal information on almost seven million American Express (Amex), MasterCard, and Visa cardholders in the US. Cybercrime experts quickly established that the dump contained credit card and social security numbers, dates of birth and zip codes, but intelligence on how the information was harvested - and by extension, who should be concerned - is still sketchy.
Compliance with PCI DSS is not simple. Carrying out a preliminary assessment alone takes the average company more than a week, according to the Vanson Bourne survey. Nonetheless, through each of the three versions of the standard, the PCI has maintained a list of 12 unchanged objectives that provide an insight into its core principles.