Learning from Target’s Technology Security Breach

More than likely, you will know someone affected by the recent credit card data breach at Target stores across the US. Over 40 Million shoppers have had their credit card numbers compromised. One method businesses use to defend against attacks like these is data and technology security policies, including PCI DSS at a minimum. The Payment Card Industry Data Security Standards (PCI DSS) are a body of requirements for payment card security policies. I’ll venture to say that Target probably followed all the necessary PCI standards and other regulations when handling their customer’s credit card data. These hackers cared enough to intentionally work to exploit Target’s system. This goes to show that if the prize is big enough, criminals will find a way. Keep in mind, however, it’s not just the big box stores that are affected. Smaller, local stores can be targeted as well (pun intended).

Wild Wing Café in Knoxville, Tennessee, for example, experienced a breach earlier this year. They even had the unfortunate notoriety of being mentioned in a recent edition of SC Magazine, a publication for IT security professionals. According to the article:

“Hackers breached the IT systems at Wild Wing Café to steal credit card numbers belonging to a “small number” of customers. The restaurant’s owner said the attackers were able to evade policies and protections, and the eatery encouraged customers to watch for fraudulent charges.”

WHAT TO DO – STAY ON THE LOOKOUT

Attacks are particularly frequent during the holiday season. It is important to keep a watchful eye over your accounts, and know what to do if you observe anything unusual.

1. Check your accounts daily. It will make your life much simpler if you catch suspicious activity sooner rather than later. Watch your credit card statements and bank accounts.
2. Always sweat the small stuff. Even tiny purchases that you’re unsure of can indicate fraudulent activity. Often, data thieves make small charges to accounts ($0.11, for example), hoping you will overlook them. Then, they sell your numbers to other cybercriminals or make larger purchases.
3. Spread the word, quickly. If you see fraudulent activity, immediately alert your bank and credit card company. Also notify the FTC and any specific businesses in question.

Many banks and credit card companies are proactive in responding to issues like this, and customers are not liable for charges from this kind of theft. And while there is nothing we can do to prevent large scale attacks on the businesses we visit, it does open the door to the broader discussion of what we can do personally to bolster our technology security.

WHAT TO DO – KNOW THEIR TACTICS

According to online security company Hotspot Shield, hackers use the following methods to steal our personal information. See their methods below, along with some quick tips:

1. Hotspots. Hotspot Shield reports that 89% of public Wi-Fi hotspots are unsecured. Hackers even create their own hotspots and disguise them under the names of airports, coffee shops, etc.
   • Tip: Only join password secured hotspots that you’re sure are legitimate.
2. Malicious Websites. Websites that look like they’re trying to deceive you usually are.
   • Tip: If the website you’re visiting is inundated with offers, pop-up ads, and fake search results, leave it.
3. Email. 10% of spam messages are malicious. 
   • Tip: Don’t download anything or click links in emails from someone you don’t know. And even if you do know them, if the link looks suspicious or uncharacteristic of them, don’t click it.
4. Social Media. Birthdays, addresses, high school names, pets’ names, phone numbers, and more can all be used against you. 
   • Tip: Tighten up the personal information you share on social media sites.

Nearly 7% of all American households are victims of identity theft with total loss per household being nearly $4,900. Again, it is impossible for us to defend against large scale attacks on businesses like Target. But we still have an obligation to make both our business and personal technologies as secure as possible.

To learn more about hacker tactics and security practices, click here to read Hotspot Shield’s infographic.

Have anything to add? Leave a comment below!

The post Learning from Target’s Technology Security Breach appeared first on Claris Networks - IT Support Company | Knoxville Chattanooga | Information Technology Services | Consulting | Cloud Computing | Hosting | EMR Solutions.