By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    data Analytics instagram stories
    Data Analytics Helps Marketers Make the Most of Instagram Stories
    15 Min Read
    analyst,women,looking,at,kpi,data,on,computer,screen
    What to Know Before Recruiting an Analyst to Handle Company Data
    6 Min Read
    AI analytics
    AI-Based Analytics Are Changing the Future of Credit Cards
    6 Min Read
    data overload showing data analytics
    How Does Next-Gen SIEM Prevent Data Overload For Security Analysts?
    8 Min Read
    hire a marketing agency with a background in data analytics
    5 Reasons to Hire a Marketing Agency that Knows Data Analytics
    7 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: PCI-Compliant Supermarket Chain Bashas’ Breached
Share
Notification Show More
Aa
SmartData CollectiveSmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Data Management > Best Practices > PCI-Compliant Supermarket Chain Bashas’ Breached
Best PracticesBusiness IntelligenceData ManagementInside CompaniesITPrivacySecurity

PCI-Compliant Supermarket Chain Bashas’ Breached

onlinetech
Last updated: 2013/03/21 at 8:01 AM
onlinetech
3 Min Read
data breach PCI compliant
SHARE

data breach PCI compliantIn February, the supermarket chain Bashas’ Family of Stores found unique malware on their network that allowed attackers access to cardholder data across their 130 locations. Interestingly, Bashas’ is attesting that they were, in fact, compliant at the time of the breach.

data breach PCI compliantIn February, the supermarket chain Bashas’ Family of Stores found unique malware on their network that allowed attackers access to cardholder data across their 130 locations. Interestingly, Bashas’ is attesting that they were, in fact, compliant at the time of the breach. This further stresses the point that compliance is not a checkmark to attain, but a constantly maintained and revised process of risk assessments and mitigation efforts.

This investigation was initiated when customers contacted Bashas’ to report fraudulent activity on their accounts after using their cards at one of the supermarket chain locations. There have been over 400 customers affected by suspicious activity. In response, the company has implemented other security measures to protect their customer’s data, and have notified many different communication outlets in order to raise awareness about the breach so cardholders can monitor their accounts.

So, how did they get breached if they were compliant? The issue is in the question, as it implies that getting ‘compliant’ stamped on a company makes them untouchable. As this perfect example can attest to, that really isn’t the case.

More Read

vendor data security

Vendor Security is Key to Preventing Future Data Breaches

CASBs Help Cloud-Based Businesses Avoid Data Breaches
6 Reasons to Boost Data Security Plan in the Age of Big Data
A Guide to Using XDR Threat Protection to Stop Data Breaches
Four Strategies For Effective Database Compliance

The guidelines within each industry standard (in this case, PCI DSS) are going to outline only the most necessary security requirements. This can be sufficient to stop many different kinds of attacks, so it’s not to say that the guidelines are inadequate. Think about compliance like a sieve. As the wires of a sieve get closer together by thickening or adding more wires, many of the coarse grains will be stopped, allowing only the more refined particles through. Fundamental IT security measures will stop the simple, and likely more prevalent attacks, but may not stop something more sophisticated.

The object of Payment Card Industry Data Security Standards (PCI DSS) is to have a good security foundation: antivirus, daily log review, file integrity monitoring. Companies shouldn’t stop at just being PCI compliant, however. It’s important for merchants to find out where their specific risks and vulnerabilities are, and take measures to try and create an environment that is more secure than just basic compliance.

Just like a sieve, there will always be gaps; no system will be impenetrable. The importance is in finding out where they are with a thorough risk assessment, and working to make those holes as small as possible.

The post Supermarket Chain Bashas’ Breached While PCI Compliant appeared first on Managed Data Center News.

TAGGED: data security, pci compliance
onlinetech March 21, 2013
Share This Article
Facebook Twitter Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

data Analytics instagram stories
Data Analytics Helps Marketers Make the Most of Instagram Stories
Analytics
data breaches
How Hospital Security Breaches Devastate Local Communities
Policy and Governance
analyst,women,looking,at,kpi,data,on,computer,screen
What to Know Before Recruiting an Analyst to Handle Company Data
Analytics
data perspective
Tackling Bias in AI Translation: A Data Perspective
Big Data

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

You Might also Like

vendor data security
Security

Vendor Security is Key to Preventing Future Data Breaches

8 Min Read
CASB
Security

CASBs Help Cloud-Based Businesses Avoid Data Breaches

6 Min Read
data security in big data age
Big Data

6 Reasons to Boost Data Security Plan in the Age of Big Data

7 Min Read
data breach issues
Security

A Guide to Using XDR Threat Protection to Stop Data Breaches

6 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

data-driven web design
5 Great Tips for Using Data Analytics for Website UX
Big Data
ai in ecommerce
Artificial Intelligence for eCommerce: A Closer Look
Artificial Intelligence

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?