Many retailers are actively preparing for Black Friday weekend, which is just a bit more than a week away at this point. This means many of them have “frozen” their technology acquisitions and are trying to simply make due with what they have. Implementing or upgrading software and hardware this late in the game may result in system performance issues or cause other delays due to incompatibilities, so it is better to stick what exists, despite any potential flaws.
Of course, this leaves merchants open to data theft and security breaches at the point of sale, as cybercriminals are better able to find gaps in outdated software and solutions. This story has become all too common over the past year, starting with the Target breach during the 2013 holiday season, which resulted in the theft of millions of credit card numbers and billions of dollars worth of damage in terms of reputation loss, sales from customers going to competitors, lawsuits and security upgrades.
Since then, it seems like there has been a new breach every month. If nothing else, sellers should take from these attacks that every company is susceptible, which is why it is critical they take every precaution possible when implementing and updating their POS systems. Here are a few of the other other notable breaches that happened this year:
1. Neiman Marcus
Fresh off the back of the Target breach, Neiman Marcus was one of the first retailers to report a security breach at the POS. Initially, the company feared more than 1.1 million payment cards had been jeopardized, but further analysis brought that figure down to 350,000 cards, Dark Reading reported - a relatively minor breach compared to Target and some other attacks that would come later in the year.
A successful security breach is a type of deviant art in the eyes of some fraudsters, and so too was the attack that affected arts and crafts store Michaels. This breach left some 2.6 million customer payment cards exposed to criminals, with USA Today reporting the attack may have cost Michaels as much as $5 per card to replace them - a significant chunk of change for any merchant.
3. P.F. Chang’s China Bistro
The POS systems used at this Chinese eatery were targeted specifically by fraudsters. What makes this breach even scarier is the fact that P.F. Chang’s was not the organization to discover the breach - it all came down to the United States Secret Service alerting the restaurant brand. This just goes to show that no matter how safe companies think they are, there could easily be a breach happening at any moment. It should serve as a reminder of the importance of leveraging the latest encryption and security tools.
4. Home Depot
One of the more recent breaches, Home Depot was one of the more prolific attacks. As Dark Reading noted, if Target kicked off the year of the retail hack, then Home Depot was the one to conclude it (thus far, at least). As many as 56 million credit and debit cards were exposed in a multi-month attack that started way back in April of 2014. To bring the story full loop, the software used to execute the attack was almost identical to the malware used in the Target attack.
What all of these attacks suggest is that retailers and POS developers must work together to do a better job of staying on top of security threats. While technology may be frozen now, retailers should still always keep the POS in mind as an area to improve in the future.