The security breach that happened to Target, the third largest retailer in the US, last November was a nightmare for everyone – for Target, its customers and the banks that were forced to re-issue millions of credit and debit cards. What started with an admission of 40 million customers’ information being compromised ballooned to up to 70 million more.
This is not the first time a massive security breach has affected a US retailer. In 2007, TJ Maxx suffered the same security breach, affecting 46 million consumers. What is supposed to be a big wake-up call to consumers and retailers about the great risk of security breach and identity theft is gradually forgotten after a few months, with consumers again letting their guards down and retailers not doing anything concrete to toughen up their data security.
Case in point, six months after the Target security breach, you would think that companies would be more vigilant in mitigating attacks or toughening up security measures to ensure safety of their database. The opposite is unfortunately happening, as security breaches have gotten worse. According to the Identity Theft Resource Center in California, there have been 383 breaches across the US during the first six months of the year, already more than past half of the 614 that occurred last year, a 25% increase!
Post-Breach: Where Target Went Wrong
As expected, the breach was disastrous for the company. Severely decreased consumer confidence plays a significant role showing in a 16% decline of first-quarter sales figures compared to the same period from last year. Its stock has fallen 11% since December too.
Experts observed that this security trust issue would have been avoided if Target handled its post security breach emphasis more on mitigation through quick action rather than on risk assessment. They also noted that the company was “too slow, less than transparent and insufficiently empathetic”.
The Impact of Security Breaches
Security breaches often are associated with identity theft or insecure infrastructures . The ITRC said identity theft has been the top consumer complaint for 14 years in a row but has escalated with several big high-profile breaches. Last year, 13 million people were victims of identity theft, mainly because of data breaches between Target, eBay, Neiman Marcus and most recently, AT&T. In Ohio alone, there has been 12 reported breaches in this year alone. This is alarming; it’s basically one person every two seconds.
The Root of the Problem
In this day and age where data is stored electronically and super hackers are everywhere, data and information security should be on top of the priorities of all companies – government agencies, financial and educational institutions, hospitals and even retailers – as information is easily accessible, and hackable, to everyone who knows how to override the system. Medical institutions are vulnerable to data breaches because of the detailed personal information contained in most medical records but providers don’t have the same protection to their system like banks do.
And in data security, not everything is foolproof. While every system is prone to hacking, it would all boil down on how a company mitigates the attack. Proactivity is everything. There should be immediate, concrete, definitive and strong actions taken once data has been breached or even after being breached.
What Consumers Can Do
While consumers can’t do much about a company’s security system, they can protect themselves by doing the following:
1. Get identity theft protection.
2. Check and ensure your computer firewall is solid.
3. Make sure you use strong passwords for online sites.
4. Get a credit freeze. This means that you lock your information when there are new applications for credit – you can unlock it by making the application yourself, in person, at the bank.