Reply to post: Re: internal verification code

Malware again checks into Hyatt's hotels, again checks out months later with victims' credit cards

Anonymous Coward
Anonymous Coward

Re: internal verification code

Or is the % they pay you worth more than the cost to you and cardholders?

PCI Security Standards Council set the rules, but is anybody responsible for the retroactive enforcement of PCI DSS? And have that body ever barred a major corporation?

Realistically, although the industry should issue Hyatt with a ban, I don't believe they've got the will to do that. Even if they did, it would be tantamount to putting Hyatt out of business if the ban were for more than a few weeks, and I'm sure the owners and managers of Hyatt would be shielded by the US authorities stopping such a move.

For all the brave words, I can't think of any jurisdiction that takes data security seriously. Even the likely scale of GDPR fines will be trivial compared to the typical clean up costs of a data breach, so the new rules are concentrating minds briefly, but come next May, I'm not sure we'll see any slowdown in reported breaches.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022