Great video. I went in expecting it to cover mostly the technical side of things. Instead Matt gave a great overview of the team / engineering organization dynamics to watch out for when adopting microservices. (I particularly liked that he pointed out how developers may write new code / services instead of dealing with team politics.)
The author doesn't explicitly mention it, but the CVVs were saved as a part of debug logging. That mistake should serve as a warning to others implementing PCI DSS systems.
Where do you have that information from? I've seen the theory in the comments on troy's website, but no confirmation of it. My kid's after school program got hit and I'm working with them to translate Regpack's obfuscation of what went on and ask some pointed questions.
