Do Merchants That Outsource Payment Processing Still Have Risk From a Breach?

Craig Hoffman writes:

Last week a small New England bakery announced that its point-of-sale (POS) devices were infected with malware that may have put card data at risk.  The bakery’s letter to its customers stressed that it did not store card data on its computer systems, but the malware allowed an unauthorized person to gather card data as the cards were swiped.  Merchants similar to the bakery often ask us the following question: “We use a third party vendor for processing transactions and have no card data in our computer system, do we have any risk from a data breach?”  The simple answer is “YES!”

Read more on Data Privacy Monitor.

About the author: Dissent