[Dshield] Guidance Software hacked?

Don Jackson dwjackson at bcbsal.org
Tue Dec 20 20:51:15 GMT 2005


First, I am amazed they would keep the CVV.  I am amazed they stored any
card info unencrypted.  I would like to see minimum default/summary
judgements against companies who violate merchant account policies, in
addition to full $500,000 (per violation) fine levied directly at the
offending company, plus any damages one would sue for the old fashioned
way.

I'm an EnCase owner, and I'm glad I used a P.O. through a reseller. 
:)

>>> frank at knobbe.us 12/20/2005 12:14 pm >>>
Anyone care to comment on this one?

http://www.channelregister.co.uk/2005/12/20/guidance_security_breach/ 

I'm extremely disappointed that they even kept the 4 digit
verification
number, though I hear that a lot of merchants do that (in violation of
CC policies).

I guess because I don't live in California, I wasn't required to be
notified? Thanks a lot fellas... :[

-Frank


-- 
It is said that the Internet is a public utility. As such, it is best
compared to a sewer. A big, fat pipe with a bunch of crap sloshing
against your ports.


*** *** *** *** *** *** *** *** *** ***
  CONFIDENTIALITY NOTICE  
This e-mail is intended for the sole use of the individual(s) to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law.  You are hereby notified that any dissemination, duplication, or distribution of this transmission by someone other than the intended addressee or its designated agent is strictly prohibited.  If you receive this e-mail in error, please notify me immediately by replying to this e-mail.
*** *** *** *** *** *** *** *** *** ***


More information about the list mailing list