Network Security & Hardware - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Visa Gave TJX Until 2009 to Get PCI Compliant



 By: Evan Schuman
2007-11-10
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Visa allowed TJX to remain non-compliant even though the credit card company knew about major security problems.

Credit card company Visa knew in late 2005 of the extensive security problems at TJX, but decided to give the retailer permission to remain non-compliant through Dec. 31, 2008, according to documents filed in federal court on Nov. 8.

The Dec. 29, 2005, letter from Joseph Majka, a fraud control vice president for Visa, was written months after cyber-thieves had already secretly infiltrated TJXs systems, starting the work that would ultimately become the worst data breach in credit card history.

Resource Library:

Majka wrote the letter to Diana Greenshaw, an official with TJXs credit card processor, Fifth Third Bank. "Visa will suspend fines until Dec. 31, 2008, provided your merchant continues to diligently pursue remediation efforts. This suspension hinges upon Visas receipt of an update by June 30, 2006, confirming completion of stated milestones."

The letter regarding TJX ended with this ironic-in-hindsight line: "I appreciate your continued support and commitment to safeguarding the payment industry."

Apparently, Visa didnt consider TJXs later efforts to be "diligently" pursuing remediation efforts because Visa issued $880,000 in fines to Fifth Third Bank—regarding TJX— in the summer of 2007.

Retail Center Editor Evan Schuman can be reached at Evan.Schuman@ziffdavisenterprise.com.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.



  Reader Comments: Visa Gave TJX Until 2009 to Get PCI Compliant
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Evan Schuman
 


x}r㶲s\@♵MQGJɖ<֊myYqfT(S$IVrO]'7nBIL&$%hݍFw?Hp4ô1f%STI}"I{hC(~0`R)rdxBԲ|WR #Yخtj5w5Gl$J{'A :':@PL9uΜ}ٜjc7h2 Xm (kzZC'Aj(CJx,Z="? w,8&;|w* pTƦ;=aR!U5EhD#|OwɀYF {.Q^Z -GZb'UƞͰ*{ /\1r.bL{yw4ɿT L=iTVC;&3ÃtXF?;9z uur<J@J53Ҧ~l_\[r  |'k[oLZ.JX<&ȇ T|5 uz P%opa鰨cX@vIna>E4b™EQ ,'I%?[WM&M}Yf0R*CA-tV?#{Sjq{ֺ}\=rֽ!iəyN0p3 Z\vO|b M u4}GʇVM&Ժpr9%9Ioȯ `HlDmYܾʑ\Rya)XY|Dͼ94o o SNE ;- ujf*5QT[P G/<@#L)p3Z&9T23'ݨä p;p|g0sJ}SD57 l"v|3c)м`y`27C?F{t( 5,/{@`\@Z8`$8ʼ E 8ѵO>ȁ{4`sD{ʹiǀxԘGڀ;r%Ea1CDȣ I.B$(ZȻB!Alq [$pXdl+_F􎄰r)ilry g r\B;7 ˥=*%nqR%a 934YIjL=?꺾j1!G,D`v9J,L.Y ϴje[r,4T(k1 #+rA)3K6ŝ|ӆ)t쑧3=̠ Gx}lj?DŽBۣLddGٚMs[:L^͘=gʠ'_u˙.'˗јSQrRҋsMӿd50egYA3'|(@]4>+WUPÃ"`"+42[m̞w(VT)w^;= PJʳ"#@3>ť`L)mtй+>q^v.iC@diֽXKu7RumIҰ.R.ei -a-VX5QV(: ,)T aYl`cytE9̆ɨ0iMtn{jLj&M{|U.*rȔe8jAaV*<>kpX"@@7w R&a+\ڨ `OSi9Ezڃu@n'ZcW@~f:3?&نdp܉DhQ+mne@ͤP)X[*^|(+ȁUraXkj²익ה])/hM泛vpv*: 0f&6X#Ӣ>oZuik#2RTא~3VʅĴ'i?怚H|A2e &G-cYC6euEmsƱ4]bJ\,~ɯ™9j1|J0&B$VJlQؼUwPySc3;䆻!`Pjcf:uV*w[O3$!WԶͶwP$!5 cd]DZ@4`Di pHE&@|Zkhp B@E.br>+j*eT0@AS Ւ.ZE^~vVKi?`E"'>ڣs!a*/73g ZOZV,֪19P+RjsVV2:EwH_ଯ8݉m??Qo>һAk>sWμ+ ;0E<&V$OM_w2H7t%¬_,ŤOMqѡ,`kUQl~4V8wf|<@? v: C\4!<`4pf mWq>[JZJwg 唟`Z~,pZԿC X{EMzʮRRYEG?voqm@^5Y?z]-Sb_@וBVTkki`f/B[$ zDÈ iqĆZ jYMV~ q?o|레6RqMxތ9"yea@WIlJhL{_JOOMm(}gnLԼ *דoᔻ,p{S+),tl+Ji c0:g<}'QJn{Jr zy@?uEU _0 d&T~#\{YRfl|g^c+w22˓FvXfoQ:\ LУ''~w3WnjmG2~z&:i0-aZ`' YnAjAy̧`pf>Jf;9Qo@Hms>1 ZH${m%~F85 fP.T*E:k@"WAҰg.3_5u_f&OITz[R€>1Ze Ro(SY-q'&F.҄^SfvmvLTSdX*laƭRZ/\f ?3paW,ԔʱfD)(j'ܱ?>nȍGڽv?fIRTX]\HmXJP/YTAtUUTckm`WPF4`W&\x&\_{3Ƌ(b(Q^aD}Rx*3nQ/egS? i- P5^IW:.Wky*1n'vem"X׵I7$# ְS##f`.SkZ%,: KV#R>&*MUK\6߷p-z_U>6 `i8~{L(}׆7{%%u\nxm}#4-odhD4re}J|I{ѽE-%{wEs5A n2H͋#O!yN/͛FSLo2YGrzI]a3+"AKվ̂1 a՜$"Z* MN3dn *~фmH;ºY PH2'_1a c{ z H)'4 N):\b/;H2VB R`2"(BS.iDO§,>49Sj67 EGW%'}KiV T t6~hOWK0NvfAda+F+9ǭZ{q@H߉ NANhs_,c9en1~KAZ~liԎ8%4 \("{-~=Prr(SJ%SQ'i&. K5Kb)/RJ<:u?y{lo&<)sǣAlk59ob`Jwfim =hKx?Koҽ{g;ᧅ}Est3VTsb{I6ӱ$BEͫ*ۻʾ\8%'r{ѩc+N c,n%P2Y;pOҠc}dOy~}I.~({_fO,J骇\%(S]MZ^|W%0.Ձ60S|SϪb믨` '$\;#)R53,yDdIJ]y fJ!!-( LuƟrGI~&#Brϔ?p5,GS$'$4IG@3-ԣHgZ?~ּE8(A+oVP%v%Cc;2Je[6õLR[i?ꐎ*UP!5֗jqS228Fl9999Z=,TlK{8sc@m-~ϖ0WN@s=׳Lb kȗ63ô/[S^Hj$= g,_pn[]Kc]t1TEPqgnk釛ļ>͐p>|;$'勠a%-_NjRNg<'`qwDc$K\W^qj pI@_$mR8;Тc?O״쯙/ff@3`!h*%a]u>Ϳ![Ηw1Vnc<'҅y׵S />Sa3} dkݶ'`A)R5ꍝ^Z|Y"<0abjGZ`k5?8 C+yemfΟڌtۀfckVa6Xmֹ p7ȿβ< h,/wx/@3gP-?e"Gٵ8+x"A.WrWg;L?pW?实KjJep<즎iŹ{?6cw QNF=6۬7od.vJ}mo3")Aݶ{{ŷis `Wul:/0u}m56bԹKyf$I 5]߉ -g3Zc ~P2oH3@84kIY'֤ [IHcc;wnpƊ8e[YƳm@WU' ,&HcyWA|`߱1Ap0:MkE_A-ȴjgm̱?5fTf8CnĽqT$^PAgt~D)ޛ~r5fSxa vf0}QCu&߮[ye叉]D9 ? KQ^tahvp^xE)LI||/ q-RR#ঀ_}P?"owN 9vxw-tX)awǶ>'AF˸v0ccM[,zŽKpBYŪ B(lF]]8"6,zAˢ'(UNsI({ôL\'Ʈ,!/B^]’;kM=1Ir1)ڊ77A6J-9"G@Ÿ *$"R +hAB,T#Aͤ<؎7լ%\wa8F F(dѴB.]sI TCeb?=G/ttAk-c"]N1xy[?L̀+5fL4P;lNz yԥBMDuE7TChRfx7נg5̈ xc; 7z^CvMK;7^Ȕ6]4_q=!o7;C'ՉȔ -;[W<'<*ڢ RnDXoX=AƮlMᗚk烔KpʭBף:FyHLD0ۆՊ ;VRԎy-0OeB~[B,cLW<0՘0t+PʲjNT\OpY=XCE3 c _^bQ'ruYN_DH_t1amkZ't MxS2 )BZs4pLz^P0F$u*C:΀ lZBhIED#ThbGB#&^I79k[ 45`BRA~90NI@ s43DDci֌͈ iuX9N]cs%zH"V|8snj0(-ŌC 5Z(OBVBBveX &z(ĉ—͊g2Vqּ&JZ!`xzNRsdhhz?J= L]; &O=lFLf 昋y}}uoHݴۤwzӹwW}ѽO֊_ԝniY}}ӹg&hT慶L۝%,C rvռl3;eFq(ڣE1BW,xjE^/J>M`)͞?Nb+Q^e5DU@^zu7 &6٘Bfuljom9 go:ٙ%g%uԢz h7Q`1D*'MMo )n}>U;Mj^+Q_ۼv(( 3of}i8QޅnF9rz}y hjgB3Y}Cg(kw֗wZFQd3r'r_z埠 fe\_,@ ^}.3s _f y2zG(Q~d_BeF9U^\eUu݌wAt3OK7C\\g5ԿΨs?=eg_W(u}?fwFr BmV9mBf_ryʛrּƅ)IFy98rEV*SV9,2/ydֺ+_F+p'k͠~%s"iN^ ΅G ˗ X֭2Yf( 50=_u–'"F'V!#Erly063wHP,#ODxaw./ ]C?U\Ńq`a\m8JI(q0ԱGH714t$^EWa>q}|5h_z$FӴFy6P<ՍPcc6H_,mgrlCk:nܙ%_'/TB# |nufB~ή.'13/)~#pIi)Hˌ˟$4ng iٍ ]c 6{Nzs̄08B8L=Yg'4WB&$Xm)۹f,ӧu'GsMz5>O\8' h]-a)x<AR(~Q ^xjA߭ed#əW BW??t YT8[T"?bNm% 1o)%:f*(u`'/2^;' π 8>eC[gI2T~{J=*P=eZPO;] n",ݤd/+2b%vl=HY[;@B oX)un'|oS{)0XPyw4w0n9wsYo{"EPޙiy?;wiSF)f'NFp)hN<}y?٢ uKğopm.; +C^p穎TU|J6A1^4.v>ϽϯxDh\NwLtxVd'KWܱ0_^٢#"|fa*H%hw2bo _gsO{ |>":xqea#Vt*N`wX{yB(ϺW}yٹtC*GUώv>!2D!6xvyhEi{CKxI7W-)|BYS$;ݛV; AHc]7[xY޿a(XE Ch⍿#0146]Ө+jE&I#;ov[b$- U.aT+nu; o]F'e1T>\JBS+$WY/ͦG( wm&l2)v}ml-c6C-{MCy'