Businesses that are targeted by these cyber intrusions could be liable for any losses involving stolen credit card data, which could potentially bankrupt smaller businesses. All small businesses that process, store or transmit credit card information are urged to update their security software and become PCI compliant immediately.
“It’s easy for small businesses to become lax in regards to their Internet security, thinking they’re too small for hackers to bother with,” said Dana Badgerow, president and CEO of the BBB. “However, according to the Minnesota Cyber Crime Task Force, these are the businesses which are squarely in the crosshairs of cyber criminals.”
The Payment Card Industry (PCI) Data Security Standard is a set of requirements designed to ensure that all companies which process, store or transmit credit card information maintain a secure environment. Though the PCI security standard is not law, it was created by major credit card brands (such as Visa, MasterCard, Discover and AMEX), and at their discretion, merchants that do not comply with Payment Card Industry Data Security Standards may be subject to fines, card replacement costs, costly forensic audits and brand damage should a data breach occur.
According to the online PCI Compliance Guide, Minnesota established the Plastic Card Security Act in 2007, which states that any company that is breached and is found to have been storing ‘prohibited’ PCI data (magnetic stripe, track data) will be required to reimburse banks and other entities for costs associated with blocking and reissuing cards. This law also opens up these companies to private lawsuits.
For more information on PCI compliance, visit https://www.pcisecuritystandards.org
The mission of the Better Business Bureau is to promote, through self-regulation, the highest standards of business ethics and conduct, and to instill public confidence in responsible businesses through programs of education and action that inform, protect and assist the general public. Contact the BBB at www.bbb.org or 651-699-1111, toll-free at 1-800-646-6222.
The Minnesota Cyber Crimes Task Force is a joint FBI and USSS Task Force involving numerous Federal, State and Local Law Enforcement Agencies. The MCCTF also partners with the business community and academia. The MCCTF’s jurisdiction includes all of Minnesota and North and South Dakota. The MCCTF can be reached at 612-336-8402; 250 Marquette Avenue, Minneapolis, MN 55401.