Tag: Breach Analysis
Total 4 Posts
By John •
March 18, 2018 •
At a recent meeting of the UK Merchants' PCI Working Group I mentioned that there was some soft case law in the form of ICO enforcement action which helps to answer the question of whether PCI DSS is sufficient to meet GDPR’s requirement for organisations to implement “appropriate technical
By John •
November 22, 2016 •
Like many credit and debit card acquirers, when Tesco Bank’s fraud system detects what it thinks is a fraudulent transaction on a cardholder’s account it sends the customer an SMS saying “please contact the bank”. It’s pretty obvious that it doesn’t have any sort of velocity
By John •
November 19, 2016 •
I’ve read some pretty amazing articles and blogs in the last week that show quite a misunderstanding about how criminals steal money, how payments work and how the new General Data Protection Regulation would both punish Tesco Bank and simultaneously remedy all ills. Cyber security and financial crime is
By John •
November 25, 2009 •
There’s been a lot in the press for the past few days about the recent T-Mobile breach. Basically it appears that a number of staff at the mobile phone company have been selling customer data which included the customer’s name, their mobile number and when their contract expired.