And now it is Staples. And before that Kmart. And before that Home Depot. And Cub Foods, and Dairy Queen. List is extremely long, and most of the time the cyber-crooks are using the same exploit package that took down Target. If it seems to you that the security environment has never been worse, you a right. To date in 2013 and 2014 91 retailers have been hacked for customer credit card information. (up from 77 in since September 9!) It seems that there is no way to prevent this exploit, because if there was, we wouldn’t be hearing about this all the time.
And so it is. Everything that I am reading says that 100% prevention is going to be impossible to achieve, that the best defense is a combination of network monitoring and quick response and removal. The early word on Kmart is that this may be the case for them. The breach appears to date from early September, which means that it was caught in less than two months, still a long time but much better than the record for the other major retailers we have heard about this year and last.
If you are a small business using a popular point of sale systems and credit card processing companies, the bad news is that you may be infected already and not even know it. When you find out, after you are contacted by Visa or MasterCard, it will be too late to avoid the fines and loss of reputation and customer trust. To protect yourself you should be working with your IT outsource partner or internal IT staff to start looking for this exploit on your POS system. If they are not up to the challenge, then you might want to find an experienced cybersecurity consultant who can get this project started. Waiting and hoping that everything is ok is going to be a bad strategy for you, and possibly sooner than you believe possible.Share