Since I reported that Heartland had their PCI compliant status suspended, I think it’s only fair to report that they’ve been revalidated as of May 4th.
Whether or not they were compliant during their on-going six month breach is anyone’s guess. They continue to claim that the were. The PCI Security Standards Council is sticking to their story that no compliant entity has ever been breached. I won’t say one of them is fibbing but they certainly can’t both be right.
One thing I think we can count on is that Version 1.3 will come as result of this. Neither party will tell us the real deal. Doing so would probably reveal that the Standard has at least one hole in it.
Similar Posts:
- New PCI Version 2.0
- PCI For Dummies
- PCI squeezing the merchants?
- PCI Compliance Flaw
- A bit of good news for PCI compliance – but only in Washington
