PCI: The Big Unanswered Question: Which companies claimed to be PCI compliant at the time they were breached? It’s become the familiar refrain this year. Each time we see a major data breach related to payment card data, the breached entity says ‘How could this happen?’ The information security industry is still arguing about the efficacy of the standard and those who assess it. Meanwhile, tens of thousands of consumers have their personal information exposed to potential compromise. They probably don’t know or care what PCI is. They just want to know ‘Why wasn’t I protected?'”]
Source: https://www.cuinfosecurity.com/blogs/pci-big-unanswered-question-p-270