If a retail behemoth like Target can end up the target of a data breach, it can happen to anyone. Here’s how to prepare yourself.
During the peak shopping season of 2013, when millions of shoppers swiped their credit cards with innocent abandon, something sinister was happening at one of the nation’s top retailers.
Unbeknownst to anyone, Target’s computer systems — home to 110 million customers’ personal information belonging to — were getting hacked. According to ZDNet, it was the score of the century for the criminals involved, and an utter nightmare for Target and its customers.
The retailer’s costs skyrocketed, its reputation took a major hit, and every branch of the business was heavily disrupted.
How and Why Was Target Targeted?
One would think a well-established brand like Target would have adequate defenses in place, so what went wrong? It appears that the cyber raiders really did their homework, and likely “phished” the supply chain network, which means that they tricked employees into revealing critical information via email.
It’s been speculated that an employee of one of the retailer’s suppliers accidently gave out a password or two, and the rest is history. Once the hackers could log into Target’s external supplier network — which manages invoicing, deliveries, and the like — they were able to infiltrate the main servers full of sensitive data.
“Backing in” like this is one of many ways technical terrorists can break into a network and plunder your personal information.
How Else Can Data Theft Happen?
However, not all data disasters occur because expert programmers have broken into a secure system. According to Dark Reading, this type of hack only accounts for half of all private data infiltrated through breaches — the rest is often attributed to simple human error. Laptops, hard drives, and memory sticks are easily lost, and their stored information becomes readily accessible to any cyber thief.
Network World also warns that the notorious practice of credit card skimming leads to many damaging breaches. That’s when credit cards are “double-swiped,” which copies their information — one swipe for a legitimate transaction, another to copy the details. This trickery can be easily carried out by, say, a waiter who hides a tiny device in his or her apron, or by an ATM outfitted with illegal hardware.
What Can We Do?
Whether it’s your business, your customers, or your data that needs protecting, you must take the necessary steps to minimize risk and keep identity thieves at bay. NJ.com provides a handy guide for what to do in the event of a data breach. Here’s a summary of their top tips:
1. Check Your Credit Report
That way, you can see if anyone has opened new accounts using your information. If the leak has affected your customers, consider providing them with free access to credit reports for the same reason — it’s what Target did after the 2013 breach.
2. Freeze Your Credit
Of course, this is only helpful once a breach has already occurred, but freezes are free for victims of fraud, so there’s no reason not to block access to criminally acquired data.
3. Change Passwords and Account Numbers
Again, with the Target case in mind, make sure all suppliers regularly change their login details for critical information to which you provide access.
4. Be Tax Smart
Submitting your tax returns early cuts down on the likelihood of a fraudulent claim getting there first and receiving your duly-earned tax credits.
5. Remain Alert!
Make sure your whole team, suppliers, and customers are clued-in to basic safety measures, and stay vigilant about elusive phishing activity, which can take the form of an email, phone call, or even a written letter.
A Better Solution
Any business that stores personal information can end up the target of digital thieves — and if you’re not a massive corporation, you’re probably even more vulnerable. A quick, free consultation with Integrated Security Services can protect your money — and your reputation — if you’ve fallen victim to this common crime, or even suspect your system has been compromised.
Integrated provides expert advice on how to prevent fraud, help recover lost data, catch the criminals, and secure a conviction. Don’t risk leaving your data exposed — take the necessary step and give Integrated a call.