Now Available for Download: A Modern Guide to Retail Data Risks
It’s been a rough year for the retail industry when it comes to data security, with data breaches affecting Fortune 500 retailers, franchises and other small to mid-sized retail organizations. Here’s a quick list of the major hits, how they were breached, and how many people were affected:
Home Depot - Attackers used a third-party vendor’s stolen credentials to access their network, then exploited a now-patched vulnerability in Windows OS to access the main corporate network in order to deploy malware on their self-checkout systems. They stole the payment data of 56 million customers, reports their press release.
Target - Again, attackers used a third-party vendor’s stolen credentials to access their network and install malware on their point-of-sale (POS) terminals. They stole the data of 70 million customers and 40 million payment cards.
Neiman Marcus - Malware was found installed on POS terminals, affecting 350k payment cards.
Michaels - Malware was found on POS systems, affecting 2.6 million payment cards.
Jimmy John’s - An intruder stole credentials from a POS vendor and used them to remotely access POS systems at about 200 locations nationwide.
Goodwill - Nearly 900k customers affected when a third-party vendor’s systems were attacked by malware.
UPS - Malware was found at 51 locations, affecting 105k customers.
Kmart - Malware infected point-of-sale registers that stole payment data. Investigation is ongoing.
Last year, U.S. credit card fraud losses totaled nearly $18 billion last year, according to Javelin Strategy & Research. Banks and other financial institutions are often footing (large) bills after a data breach, replacing cards for millions of customers.
What does all of this mean? Perhaps that the old security solutions don’t work anymore. Or, we’re just not focusing on the right ones. Stolen credentials are implicated as the first point of entry in most of these breaches. Clearly, it’s time for a stronger, more effective security tool to protect against modern-day attackers that are still exploiting stolen passwords.
And to help spread the knowledge, we wrote a 150 page guide to help navigate you through some of the new risks in the industry, with a few security recommendations to boot:
Avoiding Catastrophic Data Breaches in the Retail Industry
In this guide, you’ll learn:
- New risks to the retail industry presented by cloud, mobile and Bring Your Own Device (BYOD)
- Business and compliance drivers for strengthening authentication security
- How outdated security solutions can no longer effectively protect retailers and consumers alike
- How implementing a modern two-factor authentication solution can work to protect the new IT model
Ideal for CISOs, security, compliance and risk management officers, IT administrators and other professionals concerned with information security, this guide is for IT decision-makers that need to implement strong authentication security, as well as those evaluating two-factor authentication solutions for organizations in the retail industry.