Tuesday, March 18, 2008

On Hannaford Brothers Breach and PCI

So, is the Hannaford Brothers breach a PCI failure? Rich Mogull discusses this here by pointing at this piece in the breach FAQ:

"Is it safe to continue shopping in your stores?
We have continually devoted significant round-the-clock resources to ensure Hannaford has comprehensive data security systems in place. For example, our security measures meet industry compliance standards and many go above and beyond what is required by industry standards."

Are they alluding to PCI here? I think so ... So, is this a PCI failure? Or is this simply a reflection of the fact that you CAN be 0wned, no matter how many compliance hurdles you overcame...?

Dr Anton Chuvakin