> store your credit card information ... but there are stiff penalties from the government and credit card processors for unauthorized access to that information; consequently, it's rarely stolen
Citation: The Onion?
The Payment Card Industry Data Security Standard (PCI DSS) is the main information security standard for organizations that process credit or debit card information must abide by. The guidelines established in PCI DSS cover how to secure data handling processes.
I'm not saying it doesn't happen. Credit card data is too valuable to never be stolen. I am saying that ~37 to >500 is a hell of a difference in how frequently things are stolen [0]
You pointed out how there are guidelines for holding that information, I'm saying there are consequences [1]. I'm following that up by saying that the consequences for mishandling customer information are not nearly as severe. They do not result in 6 figure fines.
I'm saying the severe consequences to mishandling CC data have led to the incredible disparity shown in the first paragraph
Citation: The Onion?
The Payment Card Industry Data Security Standard (PCI DSS) is the main information security standard for organizations that process credit or debit card information must abide by. The guidelines established in PCI DSS cover how to secure data handling processes.
So here are the top 5 info breaches:
https://www.goanywhere.com/blog/the-5-biggest-pci-compliance...
To be fair, if what happened to Heartland happened more often, PCI compliance would be taken more seriously, and breached less often.