Tag Archives: Jimmy John’s

9 Data Breaches That Rocked 2014 (And What You Can Learn In 2015)

2014 was the year of the data breach. One after another, big brands were subjected to malicious attacks by hackers that not only compromised countless pieces of customer data, but almost-irreparably damaged these brands.

Here are some of the more notable businesses affected by cyber criminal attacks during 2014:

large

1. Ebay

In May, eBay revealed that hackers had managed to steal the personal records of 233 million users. Usernames, passwords, phone numbers and physical addresses were all compromised. But the biggest victim: Ebay’s ego.

2. JPMorgan

Tens of millions of Chase customers were affected when accounts were infiltrated—even if their bank accounts weren’t. The attack touched 80 millions households and 7 million businesses, making it one of the largest in history.

3. Target

Last spring, Target confirmed that a large data breach from late 2013 affected 40 million customers. The company later announced that more data was compromised, reaching 70 million people. Proving that the shame is 100% on them for exposing customers twice.

4.  Home Depot

Home Depot announced last September that their massive data breach allowed cyber criminals to harvest information from 56 million customers in the United States and Canada. Vendor credentials were used to steal customer data.

5. Staples

Staples confirmed its payment system’s data breach–an incident in which 1.16 million credit and debit cards used were stolen over a period of up to six months. The criminals behind the breach have been accused of already using the card data for fraud.

6. U.S.P.S

Hackers attacked the United States Postal Service’s online network. Blame was quickly placed on hackers based out of China. The damage? 800,000 employees’ data was compromised, including Social Security numbers and addresses.

7. Domino’s Pizza

A “hacking group” held Domino’s Pizza hostage, demanding ransom for over 600,000 customer records obtained through a data breach. In exchange for the personal data (names, addresses, emails, phone numbers and even favorite toppings), the hackers demanded $40,000 from the pizza chain.

8. Verizon Wireless

Verizon Wireless experienced 1,367 data breaches and more than 63,000 security incidents in 95 countries during 2014. The company released their annual security report that painted a picture of the reality of data security (or lack there of) and the state of cyber crime.

9. Jimmy John’s

Customers who swiped their cards inside one of 216 Jimmy John’s stores were affected by last year’s data breach. Cards entered manually or online were not included in the attack. The information exposed may include the card number and in some cases the cardholder’s name, verification code and/or the card’s expiration date.

***

Data breaches are the new normal. 

So what can you learn from these big brands’ data breach incidents? That no business is truly immune from being the victim of a data breach–but you can practice best standards and practices by having a response plan in place.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTK-SM-Blog-DataBreach-hero

6 Things You Should Do To Protect Yourself In Case of a Data Breach

Nobody’s immune to credit card breaches. Not major retailers–not even technology like CurrentC which positions itself as the perfect foil to Apple Pay and yet, days after being announced as such, finds itself at the center of a possible data breach.

We’ve learned this year through the very-public stumbles of marquee brands like Home Depot, Target, and Jimmy John’s that nobody is safe from a data breach. We’ve also learned that the consequences of data breaches are long-lasting: Home Depot now faces at least 20 class-action lawsuits, while it’s come to light that customer credit card data poached from a Target data breach has surfaced on a Russian website.

No company is immune to the possibility of a data breach. No matter how well your organization prepares for this kind of attack, a data breach will quickly uncover the weaknesses in your security defense plan. It’s crucial that any company experiencing an attack uses it as an opportunity to correct these vulnerabilities before the next one happens. As cybersecurity expert Joe Adams says, “It’s not a question of if you will be hacked, but when.”

After a data breach, your company needs to take the following 6 steps:

1. Gather Internal Response Team

The internal response team is your company’s first responders who are trained and prepared to take action when this kind of security breach takes place.

ABTK-small-blog-image-DataBreach01

Members of the response team should include:

    • Senior Managers
    • IT Security Force
    • Key Operations Staff
    • Legal Counsel
    • Human Resources Officer
    • PR Communicator
    • Risk Officer

Department heads need to be a part of the team because a security breach affects the entire organization.

2. Keep Network Running

After a breach, don’t automatically assume you should shut down the network before the response team has a chance to investigate. Doing so could cause you to lose valuable data and stall your investigation.

3. Determine the Extent of the Breach

Investigating a breach doesn’t happen overnight. It takes time to collect large volumes of data and discuss the attack with IT andnetwork security personnel. It could take several days to determine the full extent of the data breach.

4. Make a Public Statement

ABTK-small-blog-image-DataBreach02You may have to publicly announce the breach before you have all the facts. Although some people understand that there’s a period of discovery before an announcement can be made, they’re still anxious to learn the facts.

5. Strengthen Security Plan

Don’t just draft a rapid response plan, practice it. Look at how well you responded to this breach and execute “fire drills” for the next one.

6. Upgrade Your Technology

Many data breaches can be traced back to companies that are running insecure or outdated POS systems–make sure your system is up-to-date.

ABTK-small-blog-image-DataBreach03When your customers’ personal information is breached, so is their trust. However, your rapid response and transparent communication can help control the damage.

 


Want to keep the conversation going? Find us on Twitter and Facebook

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS