It's odd to me that they have to take the blame for a disaster that was caused by the terrible security of how credit cards fundamentally work.
It is impossible to secure credit cards. They are the keys to your money in plain text. PCI is hell to comply with because of this, and doesn't even solve the problem because you still have to store them in plain text.
Target would be 100% right to blame the credit card industry for the disaster, but it wouldn't go over well with the public because the public does not understand security.
Prepare to go through this discussion again in two years after chip-and-pin's expensive rollout doesn't prevent or deter online CC theft, despite everyone having to get fancy new cards from their banks.
It is impossible to secure credit cards. They are the keys to your money in plain text. PCI is hell to comply with because of this, and doesn't even solve the problem because you still have to store them in plain text.
Target would be 100% right to blame the credit card industry for the disaster, but it wouldn't go over well with the public because the public does not understand security.