POS Malware Leads to Data Breach

If you work in the retail sector, you know that one kind of data is the specific target of hackers and thieves: credit card data, specifically the data known as CHD. As a database administrator, you have to be prepared to meet the threat with increased security, and to respond to actual data or system breaches.


What do you do when you find a breach?

If you or your technical team identify POS system malware on retail systems that process, transmit, or store credit card data, take the following actions immediately:

  1. Inform your merchant bank. The sooner the bank can report the incident to the card associations, the better.
  2. Request a dial-up terminal from your merchant bank. The bank can usually get a terminal to you and up and running within 24 hours.
  3. Stop all payment-card processing on the affected systems.

    a. If the malware is found on your POS terminals, stop processing payment-card transactions on those terminals.

    b. If the malware is found on the BOH server, stop processing payment-card transactions on all POS terminals.

    c. You can continue to input orders into the system for purposes of inventory tracking and business analytics, but process payment card transactions on stand-alone, dial-up terminals. While temporarily inconvenient, the dial-up terminal with a phone-line connection to the bank is a secure method to process payments.

  4. Contact your local U.S. Secret Service (USSS) field office and ask to speak to the Electronic Crimes Special Agent Program (ECSAP). Payment card compromises fall within the ECSAP’s jurisdiction.
  5. Call a PCI forensic investigator (PFI).
  6. Take notes regarding exactly what occurred, when the malware was identified, how the malware was identified and any actions that have taken place since the initial discovery. This information will be valuable to the Secret Service and PFI.