A law firm has developed a free iPhone app, Data Breach 411, to help organizations with breach notification compliance. The app provides links to 46 state data breach notification laws, relevant federal statutes and other resources.
Encryption gaps in retail payment card transactions were highlighted at a Congressional hearing that examined security failures in the aftermath of malware attacks against point-of-sale systems at Target and Neiman Marcus.
When breaches result from retailers' lax security practices, merchants should be obligated to help banking institutions cover fraud losses and other post-breach expenses, says Viveca Ware of the Independent Community Bankers of America.
At a Feb. 4 Senate hearing, a senior executive from Target Corp. endorsed a shift to chip cards, combined with PINs, to enhance security, while a Neiman Marcus executive questioned if that was a prudent move.
Several payment system experts testifying at a Senate hearing on Feb. 3 urged the adoption of chip card technology in the wake of breaches at Target Corp. and Neiman Marcus. But representatives of banking and retailing engaged in some finger-pointing.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
In light of recent high-profile retail breaches, The Financial Services Roundtable is asking Congress to pass a national data breach notification law and expand oversight of the retail and telecommunications sectors.
Cybercriminals exploiting weaknesses in how users employ passwords is a significant factor behind an increase in records exposed in breaches during 2013, says Craig Spiezle of the Online Trust Alliance.
When did the Neiman Marcus data breach occur? The retailer says it may have begun last July, but banking and fraud experts point to evidence that suggests the breach actually may have occurred a year ago.
Evidence is mounting that the breaches reported by Target and Neiman Marcus are part of a wider assault against U.S. retailers. Meanwhile, payment card-issuing institutions say they're taking proactive steps to keep fraud at bay.