Comment by tehwebguy

Here’s a question, if Stripe or PayPal for example are processing so many transactions why can’t they see this stuff coming a mile away?

Shouldn’t it be trivial to “triangulate” the origin of a card hack / leak after like, I don’t know, three or four transactions? This whole thing seems rigged to put make small businesses liable for covering the cost of the PII failure of probably a banking institution, or a minimum a completely different small business!