Dyman Associates Risk Management: 10 lessons learned from major retailers' cyber breaches - 1 views
-
sheinne jim on 01 Oct 14There has been extensive adverse publicity surrounding what has become the largest data breach in the retail industry, affecting Target and two other U.S. retailers. In November-December 2013, cyber thieves executed a well-planned intrusion into Target's computer network and the point-of-sale terminals at its 1,800 stores around the holiday season and successfully obtained not only 40 million customers' credit and debit card information, but also non-card customer personal data for as many as 70 million customers. In addition, 1.1 million payment cards from Neiman Marcus and 3 million cards used at Michaels were reportedly exposed. The respected Ponemon Institute announced this June it believes that hackers have exposed the personal information of 110 million Americans-roughly half of the nation's adults-in the last 12 months alone, and this number reflects the impact of major retailer breaches and others in different governmental or business sectors, but does not include hacks revealed in July-August 2014. As we speak, there are news reports about the discovery of large quantities of personal information (including user names and passwords) mined from many websites by a Russian-based hacker group and new malware threats focused at retailers. According to a report released by the U.S. Department of Homeland Security, technology that is widely used to allow employees to work from home or permit IT and administrative personnel to remotely maintain systems is being exploited by hackers to deploy point-of-sale (PoS) malware that is designed to steal credit card data. This threat is being called "Backoff Malware".