Reply to post: PCI DSS?

Experian-T-Mobile US hack: 'We trusted them, now that trust is broken'

gerdesj Silver badge


Given the nature of their business then I would imagine that PCI DSS applies.

Unencrypted data may represent a fail. However if the storage volumes that they were stored on were encrypted but accessible due to being online then sadly that would probably pass.

Still, given there was a breach then something else may surface as a fail. My money is on an admin password on a post-it note stuck to a monitor near a window.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021