In the meantime, reactions are pouring in from customers and the information security community in general, some saying to prepare for the worst, and some brushing it off as not-so-serious incident.
Link to Original Source
How the heck do they get away with having retrievable credit card details in their db? Once the CC# is in the database it shouldn't be retrievable.
How many places out there don't actually follow this simple rule?
Where I work we were worried that the banks may turn off our credit card processing facilities if we don't get PCI compliant. And that is maybe 1/40 of the customer base.
I am really puzzled - how does Vodafone get away with this in the first place? No audits?
That's what they invented Dvorak for....
Not sure if that was just supposed to be funny, but slashdot only has its highest traffic rating in Bangladesh. Click on the Audience tab to find that 44.4% of all visitors are from the US.Bangladesh only brings in 1.1% of all visitors.
Interesting. That file is gone and so is Google's cached version. Just how much info was in that PDF?!
Where are the calculations that go with a calculated risk?