Payment Card Industry Data Security Standards
Protect Your Cardholder Data.
What to Do if Compromised?
Taking immediate action
Merchants that have experienced a suspected or confirmed security breach must take immediate action to help prevent additional damage and adhere to PCI Data Security Standard requirements.
Loss or theft of account information
Merchants must immediately report the suspected or confirmed loss or theft of any material or records that contain cardholder data.
If a merchant fails to immediately notify PinnaclePay Merchant Services, Inc. and Visa USA Fraud Control of the suspected or confirmed loss or theft of any transaction information, the merchant will be subject to a penalty of up to $100,000 per incident.
Steps for compromised entities
- Immediately contain and limit the exposure. Prevent further loss of data by conducting a thorough investigation of the suspected or confirmed compromise of information. To preserve evidence and facilitate the investigation:
  · Do not access or alter compromised systems (i.e., do not log on to the machine at all or change passwords, and do not log in as ROOT).
  · Do not turn the compromised machine off. Instead, isolate compromised systems from the network (i.e., unplug the cable).
  · Preserve logs and electronic evidence.
  · Log all actions taken.
  · If using a wireless network, change the SSID on the access point (AP) and on other machines that may be using this connection, with the exception of any systems believed to be compromised.
  · Be on "high" alert and monitor all systems with cardholder data.
  · Alert all necessary parties immediately. Be sure to contact:
    · Your internal information security group and incident response team.
    · Your merchant bank. Contact information for PinnaclePay Merchant Services, Inc. is (770) 381-3902.
    · Notify Visa Fraud Investigations and Incident Management group immediately at (650) 432-2978.
    · Your local office of the United States Secret Service.
- Provide all compromised Visa, Interlink, and Plus accounts to PinnaclePay Merchant Services, Inc. within 10 business days. All potentially compromised accounts must be provided and transmitted as instructed by your merchant bank and Visa Fraud Investigations and Incident Management group. Visa will distribute the compromised Visa account numbers to Issuers and ensure the confidentiality of entity and non-public information.
- Within 3 business days of the reported compromise, provide an Incident Report document to PinnaclePay Merchant Services, Inc.
Note: Visa, in consultation with PinnaclePay Merchant Services and Chase Paymentech, will determine whether or not an independent forensic investigation will be initiated on the compromised entity.