|
|
|
|
|
|
by SandwichTeeth
2992 days ago
|
|
|
This is actually an interesting case from a PCI perspective. PCI doesn't protect last 4 of a credit card number or names individually, as you wouldn't be able to link name to card number if stored separately. Name is only 'cardholder data' when stored with a full cc number. In this case both name and last 4 are stored and revealed together, but I still don't think that constitutes PCI protected information according to their definition of cardholder data. My initial interpretation is that they wouldn't be in breach of PCI from just the information we have publically available about this issue. |
|
|