The Target breach affected Canadian customers as well, although Canadian Target stores are equipped with different point of sale (Retalix 10) and payment (Retalix Connected Payments) software supplied by Retalix (now NCR). Probably, they did not manage (or did not bother) to secure the PII (Personally Identifiable Information) as they were focused on security of payment data. Note that PCI data security standards do not contain any requirements to protect the PII. In addition to the POS/payment software different from the US stores, take into account that magnetic stripe payment cards, which were the target during the Target attack, become a rarity in Canada after the EMV migration.
Leave a Reply.