Monday, November 19, 2007

TJX "Compliant" Until Dec 2008

This needs to be blogged, at least for posterity :-): "The latest is that Visa knew that TJX had “extensive security problems,” but chose to let them off the hook to become PCI compliant until 2009" and "Ironically — while hackers were happily stealing a lot of PEOPLE’s personal and financial information — Visa wrote TJX telling them they would be holding off from fining them as long as they were diligent in fixing the problem."

More details here and here. Irony (and stupidity) in action, PCI inaction :-)

No comments:

Dr Anton Chuvakin