When rumors were swirling last month about a “new” breach related to Visa and MasterCard alerts , there was speculation in a number of quarters as to whether the newest alerts were related to a second breach at RBS WorldPay that had previously been undetected or perhaps the new round of alerts might be because…
Category: Breach Incidents
Statement from Heartland Payment Systems
Just sent to me by HPS: Heartland Payment Systems (NYSE: HPY) is pleased to continue our long relationship with Visa. Heartland is cooperating fully with Visa and other card brands and we are committed to having a safe and secure processing environment. Heartland was certified as PCI-DSS compliant in April 2008 and expects to continue…
Visa confirms RBS WorldPay also placed on probation
As a follow-up to my earlier post today, media relations for RBS WorldPay contacted me. It appears that the number the main operator had given me for them was the wrong number, even though she confirmed it twice. In the meantime, I have obtained the following statement by Visa that confirms that, like Heartland Payment…
Visa puts Heartland on probation over breach — but what about RBS WorldPay?
Anthony M. Freed of Information Security Resources reports that Visa has put Heartland Payment Systems on probation. As of February 11, 2009 Visa’s Global List of PCI DSS Validated Service Providers had asterisked Heartland Payment Systems as being under review. Heartland is not on the March 12th list. The following quotes from Visa’s announcement are…
[CORRECTED] More on the Coleman campaign donor breach
The Minnesota Independent, which has been all over this breach since back in January, has a report from Chris Steller today which quotes the campaign web site privacy policy as it was in effect in January 2008 and as it is now. According to the news story, the site’s stated privacy policy in January read,…
UK: Children’s details published on website in council blunder
Annie Riddle of The Salisbury Journal reports that 146 special needs (i.e., special education) children had their personal details published on a Wiltshire County Council website. What makes this one worse is that the council had been alerted to the problem in 2004 and thought it had been taken care of back then. Two weeks…