Help Net Security – (International) Unencrypted payment data on business networks at 70 percent. SecurityMetrics published its second annual Payment Card Threat Report revealing unencrypted Primary Account Number (PAN) storage remains alarmingly high. Virtually no change occurred between 2011 and 2012, with card data storage on corporate systems declining less than one quarter of a percent. The study exposed that greater than 10% of merchants store magnetic stripe track data, essential for the illegal reproduction of credit and debit cards. Financial, hospitality, and retail industries accounted for 55 percent of the total unencrypted payment card data storage among businesses tested. Businesses that store unencrypted payment card data directly violate Payment Card Industry Data Security Standard (PCI DSS) requirements and are more likely to be exploited and suffer severe financial repercussions.
Ali Loney, on November 29, 2012