Large conglomerates are not immune to sophisticated cybercriminals who can find ‘loopholes’ and ‘vulnerabilities’ in a company’s cybersecurity defense systems to exploit customer payments. We normally assume that the corporate world with its enterprise software solutions and high-security firewalls are on standby 24×7. However cyber crime does not choose depending on the size of your business or demographic. It just sees an opportunity and potential weaknesses. The biggest weakness with any firm – big or small – is the lack of knowledge on the employee’s end.
Unwary employees
Employees just have to click on that big red button which says ‘download’ on it, or open up a seemingly trustworthy email that contains a .exe attachment which promises them an unlimited lifetime supply of money. Common phishing tactics that are normally avoided by more tech savvy employees are the root cause of most ransomware and malware attacks that have riddled Australian companies for years. Once inside your network, phishing emails can install various Trojans and key logging software to compromise your user’s credentials and then use it to thwart the overall customer experience by affecting customer payments. In 2011, Sony, a technology company renowned for being at the bleeding edge of technology, was hacked, exposing the data and user credentials of over 77 million PlayStation Network (PSN) users worldwide.
A lot of Aussies were also affected
1.5 million of this massive chunk of user information, belonged to Australians. This includes 280,000 credit card credentials that were ousted to cybercriminals. If these large corporates are not safe, then you probably aren’t either. Business Email Compromise (BEC) has cost Australian businesses a cumulative loss of over $3 billion since January of 2015. Australian businesses are at risk and if bigger corporations could not avoid massive breaches to their security, then how can small and medium-sized companies without sophisticated cybersecurity systems and enterprise-grade firewalls cope? No one can afford to let their customer’s data get breached. You are required by the Privacy Act of 1998 to take all possible steps to guard your customer’s data – failing to do this can result in crippling fines and worst of all, reputational damage that will ensure that your company is never trusted with user data again. Sony recovered from this damage, and continues to explode in growth – the same can’t be said for your business if it fails to follow the necessary protocols.
Below are 5 Companies Who Have Lost thousands of Customer Payments
1. Walmart
Walmart might be the go-to place for most shoppers who want to get their grocery done. But its popularity and fame has put a big red arrow on its face saying, “Free for the taking!” And that’s exactly what’s been happening.
A number of users have been reporting that their credit card details have been compromised and their bank balance is just going down the drain. Although we shouldn’t really be blaming Walmart for the breach, because digital payments were still in their cradle at the time; this was way back in the year 2005.
Someone installed L0phtrack into one of the thousands of servers leading to hackers stealing POS source code and executables including a detailed mapping of the company’s transaction processing network.
2. Home Depot
Many people purchase relevant home improvement tools for their DIY project from Home Depot, but a data breach in 2014 cost the company a massive sum of $179 million. To add insult to injury, the giant retailer was forced to pay $27.25 million to financial institutions and other entities affected by the security breach.
The lawsuit not only tarnished its reputation but cost it millions of dollars. While it is a billion dollar empire, such thrashing takes years to recover from, which Home Depot has yet to do.
3. Apple
The biggest oxymoron would be a tech giant such as Apple falling victim to hackers sitting in their grandma’s basement. Yet Apple’s security systems were breached in 2014, and the iCloud accounts of millions of users were compromised, leading to a number of celebrities having their ‘private’ photographs being leaked for the world to gawk at.
4. Anthem
One of the largest health insurance companies in the US, Anthem is still reeling in from a massive data breach that occurred in 2015. The incident has come back to bite it for a whopping $115 million settlement because of a class action lawsuit. 80 million patient and employee records were exposed in the data breach, resulting in the loss of $8 to $16 billion.
5. Kmart
In October 1 of 2015, Kmart, which has its headquarters established in Australia, reported that a privacy breach had resulted in millions of customer’s data being stolen by ‘external’ attackers. Details such as their email address, billing address, phone numbers and product purchase details were compromised.