• midnightgoat@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    As a cyber security consultant, I can confirm. Not a single company out of hundreds I’ve performed PCI remediation for managed to completely comply with requirements, with some leaving major issues like storing cc info in a searchable plain text db for better “customer service”. There’s barely any enforcement for this.