JD Sports says 10M customers hit by cyber attack
bbc.co.ukAs usual:
> the affected data was "limited". It added it did not hold full payment card details > ...the final four digits of bank cards.
It seems payment data is rarely stolen, at least as far as I can tell.
This got me thinking; who actually _does_ hold full credit card details? And just how secure is a PCI level 1 facility? What are the chances of a company like Stripe being hacked any time soon, given the recent increase in frequency and capability of these attacks.
The pessimist in me imagines it's only a matter of time before we see a breach where full credit card details are stolen; and presumably the impact would be huge... ...but I'm asking HN whether that's an accurate assessment of the risk.