• (800) 846-4472
Payment security



Recorded data breaches hit record high in 2014

Businesses continue to be prime targets

Business owners take heed—data breaches continue to plague businesses despite the large gains the industry has made in developing technologies and processes that combat data theft.  According to the Identity Theft Resource Center® (ITRC ), 783 data breaches were reported in 2014, up by 27.5 percent from 2013 (1).    

ITRC’s report includes data breaches that have been reported in the media and through governmental agencies, broken down by the industry sector, the type of breach, the number of records affected and other details.  The industry sectors include Business, Educational, Medical, Government, and Banking/Financial industries.

Who’s at risk?

If you accept credit and debit cards for payment at your business, you are particularly at risk for data theft.   According to the report, the business sector represents the largest percentage of breaches over a 10-year span with an average of 34.3 percent.  The business category includes retail and hospitality services, as well as transportation, utilities, payment processors, nonprofit organizations and more. 

Most business owners are at least somewhat familiar with the concept of data security, thanks to the efforts of the Payment Card Industry Security Standards Council (PCI SSC) and the standards they developed to help mitigate fraud and protect cardholders from data theft.  But many businesses continue to act as though data theft is something that happens to other businesses and isn’t likely to be a problem for them personally.  Small businesses in particular are prime targets due to the fact that they generally do not employ IT staff and dedicate significant resources to IT infrastructure.

Common types of breaches

An interesting aspect of the ITRC report is the data on the specific vulnerability that led to each breach.  Breaches are sorted into the following categories:  insider theft, hacking, data on the move, accidental web/internet exposure, subcontractor/third party, physical theft, and employee error/negligence. 

2014 breaches occurred as follows:

Hacking—29%

Subcontractor—15.1%

Physical theft—12.5%

Accidental exposure—11.5%

Employee error—10.9%

Insider theft—10.2%

Data on the move—7.9%

 

Hacking takes the top spot year after year.  Hacking describes a type of breach where criminals are able to access sensitive data through networks from outside the server.  It can be accomplished by leveraging malware or taking advantage of non-existent or faulty firewalls and other vulnerabilities within the network or point of sale system.    

Protecting your business

The best defense small businesses can take to protect against hacking is to follow the PCI Data Security Standards (PCI DSS) very closely and to incorporate the tasks into everyday operations.  Not sure what the standards are or how to begin complying with them? You’re not alone. 

There are many PCI compliance assistance products on the market for small businesses today that are very affordable and provide step by step instructions to achieve and maintain compliance yourself. 

Vantiv Integrated Payments offers Merchant SecureAssist®, a comprehensive PCI compliance tool.   It includes an online wizard that guides merchants through the compliance process one step at a time and performs real time POS scans for vulnerabilities.  

Find out if your payment processor offers a compliance tool or contact Vantiv Integrated Payments for more information.    
 

Identity Theft Resource Center is a registered mark belonging to an unaffiliated third party that does not endorse or sponsor Vantiv Integrated Payments, LLC.

⊃1;Data Breach Reports, Identity Theft Resource Center, February 17, 2015, http://www.idtheftcenter.org/Press-Releases/2014breachstatistics.html

 


At Your Fingertips

Download the EMV Handbook

The impending shift in liability for card-present fraud is driving a transition to EMV. Are you ready? This handbook can help you prepare.

Get ready for EMV. We can help.

Vantiv Integrated Payments is ready for EMV and has the technology and a network of providers that merchants need to enter the new era of payments.

Find a local POS Provider

This free service helps you find a POS provider who can help you identify and implement the best EMV solution for your business.


 
 
Thank you for your interest in
Vantiv Integrated Payments.
We just need a little info to get started.