About Thawte

News

Retail security breaches: a lesson in cyber security

In the wake of a recent data hack that exposed credit card information for tens of millions of customers, another retail giant has announced that it's fallen victim to a similar data breach. Representatives from Neiman Marcus publicly acknowledged last week that they had experienced a credit card breach, according to Slate.

The full extent of the breach and its implications are not known. What is known is that it involved customer credit card data. This is similar to the Target attack, where roughly 40 million credit card numbers were stolen in addition to 70 million home and email addresses. It's not currently known how many cards were affected in the most recent incident, but the upscale store released a statement saying it is taking the necessary measures to contain the breach.

"We have begun to contain the intrusion and have taken significant steps to further enhance information security," officials said in a statement.

Neiman Marcus representative Ginger Reeder said in an interview that the luxury retailer will maintain transparency as it investigates the details of the breach, with plans to reach out to affected customers.

"The security of our customers' information is always a priority and we sincerely regret any inconvenience," Reeder said in the interview with Matthew J. Schwartz. "We are taking steps, where possible, to notify customers whose cards we know were used fraudulently after making a purchase at our store."

In both retail breaches the stores were likely targeted through malware that was unleashed on the stores' digital cash registers. One move to prevent such data attacks in the future is to utilize proper data encryption.

A TechCrunch article pointed out that the breaches at the two retail giants may be part of a larger series of attacks that took place over the holiday season. What these attacks point to is the sophistication of the malware involved, which left these previously well-guarded companies defenseless. In an age when malware develops along with security, it's important to have the best means of data encryption possible - especially for businesses that have their clients' personal information in their system. Among other things, encrypting data can enable retailers to protect clients' credit card information.

Target sued over attack
The penalty for not suitably guarding consumer information may be steep, with multiple lawsuits being filed in the wake of the breaches.

TIME reported that one of the lawsuits was filed in San Francisco on behalf of all the customers affected by the Target breach. Included in the complaint is the criticism that the retailer "failed to implement and maintain reasonable security procedures."

And according to USA Today, three class action lawsuits have already been filed against the retail giant on the heels of the breach. In addition, attorney generals in four states - Connecticut, New York, South Dakota and Massachusetts - are launching their own investigations into the breach. Some states are also beginning the process of looking into the Neiman Marcus breach.

Make sure your data is protected in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

We have updated our Privacy Policy which can be found here.

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?