Slashdot Mirror

← Back to Stories (view on slashdot.org)

Top Five Causes of Data Compromise

Posted by ryuzaki0 on from the it's-the-data-stripe-stupid dept.

Steve writes, "In a key step to help businesses better understand and protect themselves against the risks of fraud, Visa USA and the U.S. Chamber of Commerce announced the five leading causes of data breaches and offered specific prevention strategies. The report states that the most common cause of data compromise is a merchant's or a service provider's encoding of sensitive information on the card's magnetic stripe in violation of the PCI Data Security Standard. The other four are related to IT security, which can be improved simply by following common-sense guidelines." Here is the report on the U.S. Chamber of Commerce site (PDF).

4 of 106 comments (clear)

  1. Re:top 5 by Anonymous Coward · · Score: 3, Insightful

    Honestly, could my post be any more useful?
    Yes, but a more interesting question is could your karma whoring be any more obvious?

  2. Didn't the waiter do it?! by __aaclcg7560 · · Score: 4, Insightful

    Whatever happened to the old saying that your credit card would more likely be ripped off by a waiter than someone off of the internet? Or are waiters taking hacking jobs these days?

    1. Re:Didn't the waiter do it?! by mennucc1 · · Score: 4, Insightful
      You did not RTFA: waiters are number one in the list. Here it is, in the original form: 1. Storage of Magnetic Stripe Data - The most common cause of data breaches occurs when a merchant or service provider stores sensitive information encoded on the card's magnetic stripe in violation of the PCI Data Security Standard. This can occur because a number of point-of-sale systems improperly store this data, and the merchant may not be aware of it. Then translate from market-speak:
      • service provider -> waiter (indeed, it does serve)
      • merchant -> owner of the restaurant
      • "point-of-sale systems" -> gadget that you stripe your card in
      • to store sensitive info -> pwn
      After proper translation, it reads: 1. Storage of Magnetic Stripe Data - The most common cause of data breaches occurs when a waiter pwns your card's magnetic stripe in violation of law. This can occur because a number of gadgets are available around that will store this data; and the restaurant owner may not be aware of it. See?
  3. Re:Chip & PIN by John+Hasler · · Score: 3, Insightful

    > If they had thought to require a photo for the front of the card then it
    > would be a 3 stage process, and pretty hard to circumvent in a store
    > situation.

    Clerks rarely check pictures[1].

    > Even ATMs have CCTV these days, so they could use some image recognition
    > software to match your image against the registered image before giving you
    > cash.

    And the software would screw up about 10% of the time, keeping your card and your money.

    [1] I knew a guy who spent part of his stint in the Navy sneaking on board warships with an ID card bearing the likeness of a gorilla.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.