|How do you perform on a test that checks if you can leak sensitive information such as credit card numbers? |
How are we testing?:
This test checks if a set of numbers that match the format of valid credit card numbers can be sent out over your network. Your network security infrastructure should easily identify these numbers as credit cards and apply a block to them.
Why is this test important?:
For organizations requiring PCI compliance, Credit Card data must be protected. Credit card numbers are often the target of criminals who use them to commit theft and fraud. When a breach of credit card information occurs, it can expose your organization to negative press attention, federal enforcement actions, lawsuits from customers whose information was compromised and other legal actions. You may also be assessed sizable penalties if you fail to comply with the numerous, and sometimes contradictory, requirements of various regional laws governing data breaches. Costs incurred include the provision of fraud monitoring for 1 year or more and remediation services to consumers affected.
How Frequently Do Data Breaches Occur?
Data breach incidents doubled to more than 1,400 annually over a 5-year period 2009-13 with a data breach in the US costing $188 per customer record in 2013. Recently, Home Depot, Target and the State of South Carolina revealed massive data breaches compromising the credit card numbers of millions of customers.
In Home Depot's case, the breach has triggered government investigations, possible fines and a review by ratings agencies.Source
|In the News:|
20 Jun 2017
The BBC reports that the leak represents the largest breach of electoral data in the U.S. to date, leaving the information of nearly 200 million registered voters exposed. While the leaked files did not include voters' Social Security or credit card ...
30 May 2017
Phone numbers for credit companies are usually on the back of the cards. Chipotle said that the malware has since been removed, and no other customer information was stolen. The company provided a list of locations that were affected by the breach on ...
25 May 2017
DETROIT (WJBK) - The personal information of employees at Punch bowl Social located downtown Detroit have been exposed. The leak happened last March at the popular restaurant and bar in Detroit. Many employees are wondering why they are just now ...