by it200219 4519 days ago
I had installed "osCommerce - Open source E-Commerce platform" just like Magento for one of our clients, who had > 500 transactions a day.

Somehow in settings, we had the flag "Store Credit Card Info" as "Plain Text" enabled. The Admin/Staff of that client could have used this information to make transactions (as in the backend it would show full CC info in order details).

We didn't realize until we worked on it again for some bug fixes and adding new features.

Lesson learned: when transitioning from DEV to PROD env, make sure to check all these critical flags and set them correctly.

Luckily, the client didn't have any idea about what was wrong in the backend.