• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

What we’ve learned from recent retail breaches

August 24, 2015 by Secure360 and UMSA

Security lessons learned from retail breaches

Copyright: 123rf/Scandinavian Stock

What are the biggest retail cyber incidents that have happened in the past few years? It seems like we are hearing of retail attacks more often and the damage is widespread, causing operational damages, financial losses and hurting reputations.

Let’s take a look at some of the biggest attacks the past few years:

  • TJX Companies – (2006-2007) 46 million records compromised
  • T-Mobile – (2009) millions of records sold by a malicious insider
  • Heartland Payment Systems – (2009) 130 million credit card accounts stolen
  • Target – (2013) 110 million records compromised, infected payment card readers
  • Home Depot – (2014) 256 million payment cards compromised, infected point-of-sale systems
  • com – (2014) more than 2000 leaked usernames and passwords forcing retailer to suspend online shopping accounts
  • e-Bay – (2014) credit card data was stolen from 145 million customer accounts

Lesson learned

The data breaches above all resulted in data loss leading to unforeseen reputational, financial and organizational damage. While we don’t like to see any company affected by cyber threats and attacks, companies who are willing to share information on these breaches will help increase public awareness of threats.

Below we have highlighted a few lessons that can be gleaned from some of the recent cyber attacks on the retail industry:

Human element

When taking a deeper look into many of retail’s biggest breaches, we see how the human element and error has affected the situation. Poor security practices, lack of security understanding and training, and poor handling and exposure of sensitive data are all issues that often go unnoticed by security teams and allow easy access to customer data. Security needs to be practiced throughout the entire organization by all levels of employees. Talking to your employees about security is an ongoing, necessary conversation to help prevent attacks from the inside and avoid human error.

With the eBay breach, 145 million user accounts were stolen, but no credit card information. Hackers were able to steal names, phone numbers, e-mail address and home addresses from users, which led to them stealing login credentials for some employees. This eBay scam was likely a phishing scam or social engineering attack that tricked employees into giving their logins. In this situation, the best preventative measures would have been to encrypt user data and educate employees on phishing scams.

Well-configured firewalls

Security experts say Home Depot was the victim of a spear-phishing attack—highly specific, targeted attack that makes its way into a system through e-mail and infects a computer with malware. In the case of the Home Depot attack, just one employee agreeing to install the malware could allow it to make a home and carry out further instructions, leading to the 256 million compromised payment accounts. In this case, if firewalls had been configured to block incoming and outgoing attacks, this breach may have been prevented.

While anti-virus or malware tools may not always have the strongest argument for protection, they still can prevent some forms of malware from being installed within your company. Anti-virus tools should be installed on every end-point system and should be regularly verified to ensure it is active and up-to-date.

Know the alarms and how to handle them

Some believe that Target was aware of attacks on their point-of-sale systems, which triggered alarms, but they failed to react properly, resulting in the massive breach and millions of compromised payment records. There are many vulnerabilities in a system, and notifications of these vulnerabilities must be handled timely and properly according to the level of threat.

Companies should create a list of threats and alerts within their system and determine how each one will be handled. For retail businesses, payment system alerts should be a top priority. Payment systems should be segregated from other networks to prevent the spread of an attack. Companies should also ensure that fraud prevention measures are in place and being monitored. Alerts on intrusion detection systems should also be addressed immediately—be aware of repeated attempts that display similar characteristics.

Cyber attacks on the retail industry are hard-hitting and continue to surface. The retail industry should be learning from past and present attacks to ensure the security of their own networks and systems. If IT and security teams are taking the steps beforehand, they are likely going to decrease the chances of their company being attacked.

Filed Under: Business Continuity Management, Cybersecurity, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Secure360 Conference
    Secure360 Conference: As much as many of us enjoy it, there are risks to working from home, specifically as we rely more and more on the… https://t.co/S2nuIyWgjk
    about 3 days ago

  2. Secure360 Conference
    Secure360 Conference: The time to register is NOW, because today is the final day to score early bird rates. #Sec360 is the professional… https://t.co/rsIAkxmmCV
    about 4 days ago

  3. Secure360 Conference
    Secure360 Conference: We can never thank our wonderful #Sec360 sponsors enough! Silver Sponsors @AxoniusInc @BlackBerry @Fortinet and… https://t.co/pnYxfkR135
    about 4 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.