Re: Luhn Check to Retrieve card details
believe PCI-DSS should be much more restrictive than it currently is and not allow masked details to be included in the same detail as the encrypted card number as you are basically making breaking the encryption easier.
I think you are misunderstanding.
The encryption is applied to the stored data, which is only the first 6 and last 4 digits. There (should be) no circumstance where the full card number is stored in any format.
Whether Talk Talk followed this is, of course, open for discussion.