Trustwave, the PCI security vendor, has been accused of failing to detect vulnerabilities in Target’s handling of credit card data ahead of last year’s data breach, according to a law
suit filed by Trustmark National Bank of New York and Green Bank of Houston.
Trutswave, which promises ‘smart security on demand’ and claims to be a ‘global leader in PCI DSS compliance’ is alleged to have given Target a clean bill of health in September, two months ahead of the attack.
The suit alleges that Trustwave failed to detect clear vulnerabilities in the way Target handled credit card data at the point-of-sale, pointing to a New York Times report claiming that the giant retailer stored customer card details on its servers for six full days before hackers broke in and moved the data along.
The suit, which is understood to be seeking class action status and claiming up to $5 million in damages, claims that the ultimate cost to the banking industry of the breach could reach $18 billion in total.