Frequently Asked Question

In case of a suspected breach, should the PCI Security Standards Council be contacted directly?
No. In the event of a suspected account security breach, the business entity should follow existing, brand-specific processes and procedures for notifying the affected payment brand(s) and law enforcement officials.
April 2012
Article Number: 1009
Featured FAQ Articles
Most Recently Updated
-
Is the expectation that any PFI investigation initiated must result in a PFI Final Report?
-
Can SAQ eligibility criteria be used for determining applicability of PCI DSS requirements for assessments documented in a Report on Compliance?
-
Do PCI DSS requirements for keyed cryptographic hashing apply to previously hashed PANs?