When hackers hit the giant U.S retailer Target, over 40 million credit and debit cards were affected. Personal information such as the names and email addresses of 70 million customers were stolen by this devastating security breach.
Target was left reeling and their customers were left demanding answers.
But how does a company with a net income of around $3 billion not have one of the world’s most secure networks?
The security breach at Target was reported to have come from malicious software that infiltrated the point of sale systems at Target registers. Hackers would install devices at checkout lines, which would then steal card info by capturing the data stored on their magnetic stripes.
Once armed with this info, the thieves then cloned copies of the cards and used them to shop in stores for high priced merchandise.
This type of malware software has the ability to cover it’s own tracks and because of this, the reach of the breach is impossible to determine. The sophistication of this type of malware also means organisations may not even know if they are affected or how much data has been lost.
The Target breach is reportedly the second-largest theft of shoppers’ credit card data, following the 90 million affected by the data breach at discount retailer TJX in 2007.
Left to clean-up, the massive financial service firm J.P. Morgan replaced two million credit and debit cards as a result of the security breach. The affected customers were financially compensated but left fuming. Calls from the general populace were
It was clear that banks and retail stores needed to start working together in order to protect customer data from cyber crime.
There’s no doubt that Target invests heavily in security technologies which many would consider modern and sufficient. Unfortunately, as the breach so devastatingly demonstrated, today’s hackers are quickly outpacing our traditional defences.
In order to keep up with cybercriminals and hackers, organisations must evolve and improve their security systems to ensure they’re up to the task.
Businesses too often watch the front door and not the back. They look to the money rolling in and not to the possible risks to that income stream — and to the data of their customers. We tend to be a reactive, rather than proactive lot, which means that even our biggest and most trusted companies often don’t have the kind of security measures they should have in place, in place, till after the fact.