Thanks to Richard Stiennon for informing me that Visa and American Express will no longer allow CardSystems Solutions to process their credit cards. I am stunned, but in a good way. If companies begin to take security seriously, I will be very pleased. If this turns into a rationale to justify the current "compliance = security" mindset, then nothing will change and more organizations will be compromised.
The CardSystems news page reported yesterday that "John Perry, President and CEO of CardSystems "look[s] forward to the opportunity to share CardSystems' story with the [Congressional] Subcommittee." I found the press release by the House Financial Services Subcommittee on Oversight and Investigations saying the hearing is today at 10 am.