Frequently Asked Question

If my business was deemed compliant but my system was still breached and payment account data compromised after the fact, what liability would my business incur?

The PCI Security Standards Council is not responsible for levying any financial or operational consequences on businesses that have either been breached or are suspected of an account data compromise. These businesses should contact the individual payment brands regarding next steps, such as contacting law enforcement, or obtaining other relevant information, including potential consequences should a compromise have occurred.
April 2012
Article Number: 1019

Featured FAQ Articles