The recent news of hackers breaching the payment systems of Saks Fifth Avenue and Lord & Taylor department stores, stealing sensitive credit card information, is just one in a recent series of attacks affecting consumers. This comes on the heels of a disclosure from Under Armour that a hacker stole data from its MyFitnessPal app, affecting 150 million users. In recent years, Whole Foods Market, Chipotle Mexican Grill Inc., and Omni Hotels & Resorts also suffered damaging data breaches. Acting sometimes in groups, sophisticated cybercriminals wreak havoc on an alarming number of robust databases, getting away with valuable customer information.
Hackers Follow a Four-Step Process
While each attack is unique, a successful hacker typically follows a series of steps:
- Research: Hackers search for merchants with a security weakness, such as an open and free WiFi network, disgruntled employees, outdated security systems and other communication and security gaps.
- Invade: Acting fast, hackers employ advanced technology and inventiveness to break in and move around freely.
- Attack: Two methods of approach are to attack a company’s network and social vulnerabilities. In a network attack, the hackers exploit weaknesses in the company’s IT infrastructure to access confidential data. A social attack tricks unwitting employees into giving up secure information or access to databases. As with the Saks breach, a believable-looking email asks the employee to confirm their credentials or open an attachment that has embedded malware.
- Steal: The hacker’s mission is completed by committing the theft.
Protect Your Business Against Data Breaches
A data breach can be devastating to the affected business, and by extension to their consumer client base. Consumers rely on merchants to protect their information from hacks and hold them accountable when a breach occurs. In the cases of Saks, Under Armour, Chipotle and others, their security measures did not serve as sufficient protection against attacks.
Unfortunately, data breaches have become an ever-present threat – new incursions happen every day. It is imperative for merchants to act on placing security as a high priority. In the event of experiencing a data breach, consumers can be quick to beat a path to avoid the targeted merchant.
Ensure that your payment solutions and customer account information are secured against potential weaknesses by observing these measures:
- Multi-layered fraud prevention. Choose payment solutions that employ layered fraud detection technologies to help stop criminals.
- Be smart about data. Don’t keep any customer data on file, in the cloud, in a database, or on a USB drive.
- Use encrypted communications. Work with industry experts to configure an encrypted communications network and payments solution.
- Stay alert. Conduct reviews of your payment solutions, educate your employees on the risks and potential for data breach attacks, and know the signs of fraudulent activity.
To implement the right protection and fraud prevention platform for your business, understand that a one-size-fits-all solution is probably not the answer.
Verifi’s Intelligence® Suite is a customizable, multi-layered fraud prevention solution that helps to ensure you have the right protection for your business. Our turn-key platform allows merchants to select from a suite of services to provide optimal protection for their business against attacks from fraudsters. And, to protect merchants from emerging fraud vulnerabilities, Intelligence Suite stays current with advanced payment technologies.
Contact us to learn more about how Verifi can provide a customized protection solution for your business.