The recent data breaches at three major retail chains—Target, Neiman-Marcus and Michael’s—have compromised sensitive data from more 100 million customers and are, according to experts, the beginning of a trend that isn’t likely to fade any time soon.
In all three of the recent high-profile cases, attackers apparently were able to plant malware on point-of-sale systems to gather credit card information from unsuspecting shoppers. The Target breach affected 110 million customers, Nieman Marcus 1.1 million and the scope of the Michael’s breach has not been determined yet. There’s a good chance other retailers have been compromised as well and just haven’t discovered it yet.
“Attackers no longer spam at will,” says Steve Durbin, global vice president of Information Security Forum. “They are increasingly targeting—learning the habits and preferences of their potential targets to better tailor malware to the intended audience.”
There are a few factors that combine to fuel this trend. Credit card data and related customer information are a goldmine for attackers, for one, and that information can be used to clone credit cards and for identity theft.
Most customers use a credit or debit card to conduct transactions, which makes retail chains a prime target for cyber crooks. Add in the low-paying jobs and high turnover at most retail chains, and you have a higher-than-average risk that an employee may be culpable in the attack and help plant the malware exploit to make some fast money.
Possible solutions might be more comprehensive encryption at the point of sale or ensuring that all customer and credit card information is encrypted end-to-end from the transaction, while it is being transferred, and when stored on a server. Neither is a foolproof guarantee against a data breach.
To read more click here.