It Had to Happen.. and Will Agian
Retailers are at the mercy of credit card transaction processing companies. I work in IT at a large retailer and the credit processing company has installed software that handles and transmits the card and customer information to its servers. We are not allowed to look at the source code running on our servers. We (have to) trust the company but what about the programmers they used? Was code contracted out to third world or eastern European shops? There should be laws in place that ensure data breaches like this result in criminal prosecution of the executives in charge. Maybe then someone at these credit card data processing firms will take security seriously.