Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security The Courts

Target and Trustwave Sued Over Credit Card Breach 87

Posted by Unknown Lamer from the kill-the-auditor dept.
jfruh (300774) writes "Security vendors like Trustwave can make big bucks when major companies decide they don't have the internal resources to handle their cybersecurity needs. Unfortunately, when taking on security chores, you also take on security liabilities. In the wake of Target's massive credit card security breach, both Target and Trustwave are now on the receiving end of a class action lawsuit, in part backed by banks that had to issue thousands of new credit cards." The filing, and a bit more from El Reg: "It's against Target, however, that the most serious allegations are levelled. The class action led by Trustmark National Bank and Green Bank, say the retailer should not have allowed an outside contractor the access to its network that brought about the breach, and that it violated federal and state laws in storing the credit card data on its network."

Complaint against Trustwave by tbehme8826

This discussion has been archived. No new comments can be posted.

Target and Trustwave Sued Over Credit Card Breach More

Target and Trustwave Sued Over Credit Card Breach

Comments Filter:

  • Re:Banks are responsible too (Score:5, Interesting)

    by way2trivial ( 601132 ) on Wednesday March 26, 2014 @01:24PM (#46585571) Homepage Journal

    Not precisely correct.

    Chip & pin is coming, it's not mandatory on merchants (yet) but if fraud is indicated and the merchant failed to have a chip terminal, and the customer has a chipped card the merchant will lose the chargeback automatically.

    Liability shift, will now be on one of two entities.
    The merchant, for not having the terminal, or the consumer, for not protecting their pin.

    the liability also shifts almost 100% OFF the card issuing bank....
    (the real reason)

  • Re:Banks are responsible too (Score:2, Interesting)

    by Anonymous Coward on Wednesday March 26, 2014 @02:31PM (#46586329)

    All this despite the fact that chip+pin is just as vulnerable as swipe+sign, and nobody here wants it except the banks.

    Putting the liability on anyone other than the bank is just bullshit, and I, for one, will refuse to support it for as long as I possibly can. Here's why:

    The merchant and the buyer don't know each other. The bank knows the buyer. The bank knows the merchant. Thus the bank is the only one qualified to authorize the transaction. If either of the other parties says that the agreement was not upheld to their satisfaction, it's the bank's job to arbitrate, judge, and carry out a decision about the transaction. Thus all onus must be on the bank. And if the bank made a bad call by doing business with a crook (either by issuing them a card or by allowing a fraudulent transaction to pass as valid), then the bank must be on the hook for the transaction. Chip+pin is the banks' way of dodging their responsibility. I refuse to let them off with that free pass without as much of a fight as I can muster.

Slashdot Top Deals

An authority is a person who can tell you more about something than you really care to know.

Close