Payments industry folks will be happy to know that the recently announced breach of retailer Petco, wherein a laptop was stolen from a contractor working for the firm, included no payment card information or customer data. This refreshing change of pace was brought to you by Storefront Backtalk:
Petco this week became the latest retailer to suffer a data breach by way of auditors and stolen laptops. The breach in this instance involved sensitive employee data—names and Social Security numbers—but neither customer data nor payment-card information. Still, this situation raises the questions: What data-handling requirements for contractors are reasonable, and when do they become absurd?
In the case of Petco’s auditors, quite a few good precautions had been used. The “laptop computers were protected with a strong password and the Plan information was contained in a software program that is protected with an encrypted password,” according to an employee memo.