Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Security experts round on Oracle over unpatched holes"] [Next entry: "Oracle Simplifies SOA, Web Services Security"]

Why it is important to encrypt credit card information

Alex pointed me at a good article on TheRegister yesterday. This article is written by John Leyden and published Tuesday 19 July 2005 and is titled "Visa cuts CardSystems over security breach". This article talks about a card processing firm that has been dumped by Visa for allowing card numbers to be disclosed from its systems. The company should not have even had the card details in its systems. The company held the data unencrypted and security vulnerabilities allowed the car data to be stolen.

Even though the article doesn't actually say that the data in question was held in a database or even if it was then whether it was an Oracle database. That said this is still an interesting article for anyone running an Oracle database and storing in that database critical data such as credit cards. It is a lesson in why credit card data should be encrypted.