PYMNTS

JUNE 5, 2019

The app, designed for the Jewish community, left the database open without a password, exposing user data and private messages, said security researchers Noam Rotem and Ran Locar, according to reports. In addition, none of the data was encrypted. Dating app JCrush potentially exposed the records of around 200,000 users.

Database 46

Database Law Enforcement Request for Comment Encryption 46

VISTA InfoSec

JANUARY 18, 2024

with a particular emphasis on the move towards ‘network security controls’. As a reminder, the Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive set of security requirements that all organizations handling cardholder data must adhere to. Requirement and Testing Procedures 2.2.1

PCI DSS 289

PCI DSS Procedures Encryption Security 289

Exact Payments

JULY 1, 2024

Instead, each sensitive PII item is encrypted with a newly generated key, and the key is stored in a hardware security module (HSM). This approach enhances security and complies with the best data encryption and key management practices. The encrypted data is then written to our database.

Data Security 52

Data Security Security Encryption Payment APIs and Integration 52

PYMNTS

DECEMBER 31, 2018

For example, Marriott , Facebook and a database marketing firm by the name of Exactis exposed the records of roughly 300 million people. Verification of that data cache found it to contain contact information, usernames and encrypted passwords — though it did not seem to contain any credit card or health and fitness data. “We

Data Breach 92

Data Breach Breach Database Compromise 92

Fintech Finance

SEPTEMBER 17, 2024

Leading identity verification platform ID-Pal also operates at the core of the industry’s ecosystem by serving a diverse range of payments providers with ease, offering robust data security standards, real-time verification and 100% AI-powered technology.

Process 95

Process Verification Money Laundering AML 95

VISTA InfoSec

FEBRUARY 28, 2024

In our ongoing series of articles on the Payment Card Industry Data Security Standard (PCI DSS), we’ve been examining each requirement in detail. Changes Core Focus Limiting database access to programmatic methods (apps, stored procedures) and database administrators. By prioritizing cardholder data security, v4.0

PCI DSS 130

PCI DSS Best Practices Authentication Rules 130

VISTA InfoSec

JULY 5, 2023

Data security has become an essential aspect of our lives and is more crucial than ever before. In the healthcare industry, organizations are entrusted with a plethora of sensitive information, including PHI, PII, and financial data. What is data security in healthcare? million between May 2020 and March 2021.

PCI DSS 130

PCI DSS Compliance Data Breach Breach 130

Stax

NOVEMBER 6, 2023

Loss, corruption, improper use, and unwanted access to a company’s data assets can lead to immense negative publicity, which in turn can cause irreparable reputation damage, fines, sanctions, and loss of profits. Moreover, companies need to follow data privacy and compliance requirements to stay in business.

Encryption 88

Encryption PCI DSS Data Security Origination 88

Payments Source

NOVEMBER 30, 2018

said it’s investigating a hack of the guest reservation database at its Starwood unit that may be one of the biggest such breaches in corporate history. Marriott International Inc. Marriott shares slumped 5.6 percent in pre-market trading.

Database 80

Database Breach Credit Cards Data Security 80

The Fintech Times

SEPTEMBER 19, 2024

It will also see CLOWD9 utilise ID-Pal ‘s tech to ensure its own data security is up to date too. ID-Pal’s platform comprises a comprehensive set of tools for frictionless, secure identity verification and anti-money laundering (AML) screening. ID-Pal serves a range of payment providers with ease.

Verification 64

Verification Process AML Fraud Detection 64

CB Insights

OCTOBER 18, 2018

Keeping enterprise data secure is one of the biggest challenges corporations now face. Corporations increased the number of times they mentioned cybersecurity on earnings calls nearly three-fold since 2014, according to CB Insights data. CB Insights put together a research series on the future of data security.

Cybersecurity 57

Cybersecurity Data Breach Encryption Data Security 57

PYMNTS

AUGUST 13, 2020

Preserving the integrity of data as it moves from on-premise systems to the cloud is vital for financial entities to successfully modernize. For entities concerned about data security, Kassam assured that cloud service providers have far more resources and expertise than any single organization to protect their systems.

Third-Party Service Provider 133

Third-Party Service Provider Payments Service Provider Volume 133

Clearly Payments

SEPTEMBER 22, 2024

Essentially, it’s a database that contains information about merchants who have had their credit card processing services terminated due to various reasons deemed as high-risk. Non-Compliance with PCI Standards : Failing to adhere to Payment Card Industry Data Security Standards (PCI DSS) can result in a listing.

Processors 102

Processors PCI DSS Credit Cards Non-Bank 102

Stax

JANUARY 23, 2025

This involves analyzing transaction patterns and cross-referencing merchant data against global sanctions lists or politically exposed persons (PEPs) databases. Ensuring adherence to legal and regulatory standards, such as PCI DSS (Payment Card Industry Data Security Standard) requirements.

Underwriting 68

Underwriting PCI DSS Money Laundering Processors 68

PYMNTS

MAY 20, 2020

Home Chef, the Chicago-based meal kit and food delivery company, announced a data breach after a hacker sold information on its 8 million customers on a dark web marketplace, according to Bleeping Computer. They provided a sample showing the type of information in the database.

Data Breach 53

Data Breach Breach Request for Comment Database 53

Clearly Payments

JUNE 3, 2024

The process of tokenization involves creating a token that is linked to the original payment data within a secure database. This database, often referred to as a token vault, stores the mapping between tokens and the original data. Storage and Processing : The token is stored in the gateway’s secure database.

PCI DSS 59

PCI DSS Payment Gateways Gateways Payments 59

Segpay

NOVEMBER 20, 2024

As these technologies continue to evolve, they not only enhance security but also improve user experience. Privacy and Security Concerns: Balancing Protection with Usability While biometric technologies have a lot of advantages, they also raise concerns about privacy and data security.

Security 98

Security Technology Privacy Compromise 98

FICO

NOVEMBER 1, 2016

The NYDFS proposal requires multi-factor authentication for any users accessing internal systems from an external network and for privileged access to database servers. Data encryption. The NYDFS requires data encryption not just for data in-transit but also for data at-rest.

Cybersecurity 81

Cybersecurity Regulations PCI DSS Data Encryption 81

Payments Source

MAY 23, 2017

million to settle state lawsuits over a 2013 hack of its database when the personal information of millions of customers was stolen, according to New York Attorney General Eric Schneiderman. Target Corp. agreed to pay $18.5

Data Breach 60

Data Breach Breach Database Data Security 60

PYMNTS

DECEMBER 27, 2019

Wawa said the malicious software had been collecting credit and debit card information surreptitiously since March, as well as names of customers and other data. Massive data breaches are becoming more and more common as more information is moving online and to databases. million members.

Data Breach 52

Data Breach Breach Identity Theft Debit Card 52

PYMNTS

JANUARY 30, 2019

29) after being alerted to the leak , which was discovered by security researcher Oliver Hough. The database, running on a hosted Amazon Elasticsearch server, held tens of gigabytes of data, including customer names, contact information and case work for each corporate client. The exposed server wasn’t protected with a password.

Database 57

Database Breach Government Governance 57

PYMNTS

JUNE 15, 2018

Technical and non-technical professionals within an organization that adopts ALTR’s offerings, the firm has said, will be on the same page when it comes to data security, and who has access to what information, and at what time. The ALTR platform is built on ALTRchain, which the firm says ensures “ultra-secure” data access and storage.

Blockchain 43

Blockchain Security Database Social Security 43

PYMNTS

FEBRUARY 6, 2019

The startup uses sharding to break databases into units, and to help with scaling issues that typically are the hallmarks of blockchain. This technology can help providers identify an individual with unparalleled accuracy, through iris-recognition and data matching.

Blockchain 76

Blockchain Duplicate Stablecoins Procedures 76

PYMNTS

DECEMBER 4, 2018

We must give credit to the criminals who engineered the recently disclosed data breach that could end up impacting some 500 million guests of Marriott International. Good for them! Well, not really. We at PYMNTS are never fans of theft or any other illegalities, especially of such potentially life-altering attacks on businesses and consumers.

Breach 68

Breach Data Breach Authentication Database 68

PYMNTS

JANUARY 26, 2018

The company warned that this creates significant security threats to the companies as they share sensitive and confidential data. Blockchain technology is superior to the current centralized, cloud-based databases for recording digital asset transfer and access by third parties,” the company stated.

Blockchain 62

Blockchain B2B Transactions API 62

PYMNTS

MARCH 18, 2019

Now, those systems are often integrated into a single database or exchange data via tools such as APIs.” Obtaining that seamlessness in data movement means a company can manage employee data “from recruitment to retirement,” added Ferdowsi. In the beginning, each was an obvious disparate system.

Payroll 64

Payroll API Payment APIs and Integration Data Breach 64

VISTA InfoSec

JANUARY 22, 2024

This includes secure storage, periodic key changes, retirement of old or suspected compromised keys, and prevention of unauthorized key substitutions. In essence, Requirement 3 aims to create a data security fortress around cardholder information. a Confirm CHD storage policies for data retention and disposal.

PCI DSS 100

PCI DSS Encryption Procedures Authorization 100

PYMNTS

JANUARY 30, 2020

CERT-In reaffirmed that a security lapse had taken place and told SpiceJet. The airline then took steps to secure the database. “At At SpiceJet, the safety and security of our fliers’ data is sacrosanct.

Breach 80

Breach Correspondent Research Database 80

Segpay

DECEMBER 13, 2024

Right to Deletion: Both GDPR and CCPA provide individuals with the right to request data deletion. In identity management, this right is challenging, particularly if a users information is stored in various authentication databases.

Privacy 105

Privacy Compliance CCPA Authentication 105

PYMNTS

DECEMBER 3, 2018

In addition, data on 82,000 drivers based in the U.K. This was not only a serious failure of data security on Uber’s part, but a complete disregard for the customers and drivers whose personal information was stolen,” ICO Director of Investigations Steve Eckersley said in a statement that accompanied the announcement of the fines.

Data Breach 69

Data Breach Breach Blockchain Processors 69

PYMNTS

JANUARY 23, 2019

However, data security is essential to any organization. In the pharmaceutical supply chain, providing access to data surrounding contract negotiations, and where products have changed hands, can lead to — practices, with some players in the supply chain running the risk of being cut out of the process.

B2B 76

B2B Disputes Blockchain Payments 76

PYMNTS

AUGUST 23, 2018

The European Union (EU) General Data Protection Regulation (GDPR) came into effect in May, but most businesses in the region still aren’t compliant with the rules. Unfortunately, the latest data suggests that businesses are still struggling to comply with the data security rules.

Compliance 47

Compliance Data Security Rules Research 47

VISTA InfoSec

JANUARY 9, 2024

As we all know, data security is a constantly evolving field, and it’s essential to keep up with the latest standards and requirements. That’s right, the PCI Security Standards Council (SSC) has announced the release of the new and improved PCI DSS v4.0, And mark your calendars, because the current PCI DSS v3.2.1

PCI DSS 113

PCI DSS Procedures Authorization Security 113

PYMNTS

APRIL 5, 2018

According to Reuters , the suit alleges that the credit reporting firm failed to protect its databases or provide prompt notice of the massive data breach that exposed the personal data of 147 million people. These allegations state a viable claim for violation of the data security regulations,” Salinger wrote.

Federal Trade Commission 43

Federal Trade Commission Request for Comment Breach Data Breach 43

VISTA InfoSec

OCTOBER 25, 2023

Keep in mind the CIA Triad’s influence on data security and assess potential costs like financial losses and reputation damage. Quantifying uncertain events is tough, but various techniques can help.

Risk Assessment 130

Risk Assessment ISOs Assessments Risk 130

PYMNTS

APRIL 5, 2018

Managing application secrets like database credentials, passwords or API keys is easy when you’re working locally with one machine and one application. As you grow and scale to many distributed microservices, it becomes a daunting task to securely store, distribute, rotate and consume secrets.

Credential 40

Credential Cybersecurity Database Data Breach 40

CB Insights

MARCH 27, 2019

These high-profile data breaches (among many others over the last few years) have put the general public on high alert, with talk of data protection becoming an increasing priority. Read our future of data security report for more on this topic. ). This was only the start of a difficult two years for Facebook.

Cybersecurity 76

Cybersecurity Encryption Data Breach Breach 76