Credit card processor breach highlights need for PCI compliance testing

The high value represented by credit card details has always made them a target for interception and replication.

This seems to have been the motivation behind a recent breach reported by payment card industry giants Visa and MasterCard.

According to Fairfax Media, the two key players have informed banks across the US about the specific accounts that may have been compromised in the attack.

In a series of rolling reports, online security journalist Brian Krebs explained the breaches had occurred sometime between January 21 and February 25 and that the thieves had made away with sensitive information from approximately ten million accounts.

Mr Krebs wrote: “The alerts also said that full Track 1 and Track 2 data was taken – meaning that the information could be used to counterfeit new cards.”

The major players responded quickly to the reports, with Visa issuing a statement that read: “Visa Inc. is aware of a potential data compromise incident at a third party entity affecting card account information from all major card brands.”

While Australian consumers are not liable for the fraudulent behaviour, it remains in the interests of all card handlers to ensure that their systems remain compliant with the payment card industry data security standard in order to minimise breaches and the disruption they can cause.