There was an unprecedented new development in the aftermath of the Target data breach this week. By now everyone living above ground is aware that hackers were able to penetrate the Target network to install malware on POS systems by hijacking the credentials from Target’s HVAC vendor. The hackers were able to take off with 100 million account records including some 40 million card numbers. The projected costs to Target are expected to be in the billions.
The news cycle and buzz surrounding the recent card security breach at Target, Neiman Marcus, and Michael’s continues to have legs, even the card associations have jumped into the discussion.
This week, Bob Russo, General Manager of the PCI Security Council testified before congress. During his testimony he made several interesting statements. The one I find of most interest was “Moving toward EMV Chip technology is an important piece of improving data security, but it is not a solution in and of itself. Used together, EMV Chip and PCI Standards, along with many other tools will provide strong protections for payment card data.” Indeed, looking at what we know of the Target breach, PCI standards 8.3 and 8.5, if properly implemented do address the source of the breach. I agree with Mr. Russo in his above comments. EMV is indeed a piece of the puzzle. It is not, however, the ultimate solution.
It's been several weeks now since the Target breach was made public. This was followed in short order by an announcement by Neiman Marcus about another breach. This weekend, a possible breach at Michael's was made public. The press has been all over these events, everyone rushing to contribute their 2 cents (Cash only please). It's time to step back, and see what we have learned.
For the last several weeks we have all been hearing about the issues with large retailers like Target and Neiman Marcus with the credit card breach. This morning on one of the news talk shows the report shared that this most likely has been going on for months and not only has aimed its malware at the big box stores, but small merchants as well.