Frequently Asked Questions

< Back to search page

If my business was deemed compliant but my system was still breached and payment account data compromised after the fact, what liability would my business incur?

FAQ Response

The PCI Security Standards Council is not responsible for levying any financial or operational consequences on businesses that have either been breached or are suspected of an account data compromise. These businesses should contact the individual payment brands regarding next steps, such as contacting law enforcement, or obtaining other relevant information, including potential consequences should a compromise have occurred.

February 2008
Article Number 1019