Comments on: Dismissing Hannaford Lawsuits, Federal Judge Tells Consumers: Show Me The (Lost) Money http://storefrontbacktalk.com/securityfraud/dismissing-hannaford-lawsuits-federal-judge-tells-consumers-show-me-the-lost-money/ Techniques, Tools and Tirades about Retail Technology and E-Commerce Sun, 20 May 2012 01:49:40 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Rob Martell http://storefrontbacktalk.com/securityfraud/dismissing-hannaford-lawsuits-federal-judge-tells-consumers-show-me-the-lost-money/comment-page-1/#comment-60992 Rob Martell Fri, 15 May 2009 01:43:30 +0000 http://www.storefrontbacktalk.com/?p=3024#comment-60992 In the end, the consumer pays for it. Increase rates and fees, or lost time and credit issues, or increased prices to pay for something that may or may not work. The entire thing is a house of cards. Grins, RW In the end, the consumer pays for it. Increase rates and fees, or lost time and credit issues, or increased prices to pay for something that may or may not work. The entire thing is a house of cards.

Grins,

RW

]]> By: Louis G http://storefrontbacktalk.com/securityfraud/dismissing-hannaford-lawsuits-federal-judge-tells-consumers-show-me-the-lost-money/comment-page-1/#comment-60964 Louis G Thu, 14 May 2009 18:21:51 +0000 http://www.storefrontbacktalk.com/?p=3024#comment-60964 Simply because a business becomes PCI certified does not mean security ends there. There are other precautions to take that go above and beyond that must become daily routine. Many companies jump through the hoops for certification, then think that all is well. Until disaster strikes. Like any long-lasting positive measure, consistency is key. There are no shortcuts for merchants, so stay on your toes guys! Simply because a business becomes PCI certified does not mean security ends there. There are other precautions to take that go above and beyond that must become daily routine. Many companies jump through the hoops for certification, then think that all is well. Until disaster strikes. Like any long-lasting positive measure, consistency is key. There are no shortcuts for merchants, so stay on your toes guys!

]]> By: Scott http://storefrontbacktalk.com/securityfraud/dismissing-hannaford-lawsuits-federal-judge-tells-consumers-show-me-the-lost-money/comment-page-1/#comment-60950 Scott Thu, 14 May 2009 15:41:03 +0000 http://www.storefrontbacktalk.com/?p=3024#comment-60950 The real issue here is not a data breach at a retailer, it is the use of old technology, the magnetic stripe, that is so easy to clone. It is stored in the clear on the card holder's magnetic stripe. The card brands and the card issuers are not working to change the payment technology and are requiring the merchants to pay for the security of the card data. As long as the card brands and issuers can get someone else to pay for securing the data, and take the blame when the data is stolen, then they will never move to make payments more secure. The PCI DSS is meant to mitigate risk of compromise, not eliminate it. Therefore, it should not be a surprise when there is a breach. Just think how many more breaches there would be if there was now standard in place and if retailers were not at least trying to make an effort to secure the data. When breaches happen, the outrage should be toward the card issues instead of the merchants, it is nearly impossible to secure data that starts off in the public domain. The real issue here is not a data breach at a retailer, it is the use of old technology, the magnetic stripe, that is so easy to clone. It is stored in the clear on the card holder’s magnetic stripe. The card brands and the card issuers are not working to change the payment technology and are requiring the merchants to pay for the security of the card data. As long as the card brands and issuers can get someone else to pay for securing the data, and take the blame when the data is stolen, then they will never move to make payments more secure.

The PCI DSS is meant to mitigate risk of compromise, not eliminate it. Therefore, it should not be a surprise when there is a breach. Just think how many more breaches there would be if there was now standard in place and if retailers were not at least trying to make an effort to secure the data.

When breaches happen, the outrage should be toward the card issues instead of the merchants, it is nearly impossible to secure data that starts off in the public domain.

]]> By: Mike http://storefrontbacktalk.com/securityfraud/dismissing-hannaford-lawsuits-federal-judge-tells-consumers-show-me-the-lost-money/comment-page-1/#comment-60900 Mike Wed, 13 May 2009 23:20:29 +0000 http://www.storefrontbacktalk.com/?p=3024#comment-60900 What jerks! It takes a peculiar attitude indeed to try to sue for what was an accident, and one that in all but one of these cases had already been compensated! Hannaford did an excellent job (contrast with Exxon in the oil spill 20 years ago) of trying to limit harm and inconvenience to its customers. Those whose suits were dismissed should be held up to public ridicule and berated for their greed. What jerks! It takes a peculiar attitude indeed to try to sue for what was an accident, and one that in all but one of these cases had already been compensated! Hannaford did an excellent job (contrast with Exxon in the oil spill 20 years ago) of trying to limit harm and inconvenience to its customers. Those whose suits were dismissed should be held up to public ridicule and berated for their greed.

]]>