Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well, what you can do is notify the card issuer about those cards that went through, so they can mark them as stolen. That surely will make the hacker really happy, and discourage them of doing it again :)


So you mean you are keeping full card numbers somewhere in your logs to... fix some potential security issue...?


>Hey mr processor, the cards for transaction numbers x...y are stolen.


I'm assuming there were transaction IDs provided that can be given to the processor. If they can't do anything with the IDs, then that's a pretty broken system.


If you are the processor, yes, I guess. If you aren't, then you can provide the transaction ID to the processor and let it handle that part.


Pretty sure this goes against PCI DDS requirements to not store CC numbers.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: