The report seems to indicate it was a trojan, not a phish attempt, actually.
But I misread - CardSystems DOES process for merchants as well as financial institutions.
My statement still stands, however, since it'd be tough to find out who does the processing for any given merchant. Often, the merchant won't even know because it's not important to them as long as the payments get processed. Being someone who's worked with e-commerce systems that are only compatible with certain processing platforms, I often have to know, but I'm not Joe Average, of Uncle Joe's Gift Shop, who only needs to swipe cards and have the payments go through...
JustThe.net - Steve Sobol / snipped-for-privacy@JustThe.net / PGP: 0xE3AE35ED Coming to you from Southern California's High Desert, where the temperatures are as high as the gas prices! / 888.480.4NET (4638)
"Life's like an hourglass glued to the table" --Anna Nalick, "Breathe"