We notice you are visiting from a U.S. Internet provider. 
29/01/2010 -
In yet another example of the importance of proper PCI compliance, payment processing data was found to be the most vulnerable information to breaches and theft, according to a recent study. According to a report from the University of Bedfordshire and forensics firm 7Safe, payment processing information was the target of 85 percent of security breaches studied - a trend that is likely not limited to the UK, as payment processing data can be more profitable for hackers than other kinds of data, experts say.
The study also called into question the idea that the biggest security risks come from the inside, as in from disgruntled or negligent employees, finding that 80 percent of the breaches were external in origin.
Furthermore, most of the attacks were caused by SQL injection, the very same method used to perpetrate the massive breach of Heartland Payment Systems in 2008.
SQL injections may be a weak point in the PCI DSS, then, said the report. "The analysis proves that many organisations who declare themselves compliant with the PCI Data Security Standards are not even close," the study read.
To optimise their level of payment processing security, merchants are encouraged to supplement their PCI compliance efforts with a more layered approach to security, advises PCI Security Standards Council general manager Bob Russo.
