Recorded data breaches hit record high in 2014
Businesses continue to be prime targets
Business owners take heed—data breaches continue to plague businesses despite the large gains the industry has made in developing technologies and processes that combat data theft. According to the Identity Theft Resource Center® (ITRC ), 783 data breaches were reported in 2014, up by 27.5 percent from 2013 (1).
ITRC’s report includes data breaches that have been reported in the media and through governmental agencies, broken down by the industry sector, the type of breach, the number of records affected and other details. The industry sectors include Business, Educational, Medical, Government, and Banking/Financial industries.
Who’s at risk?
If you accept credit and debit cards for payment at your business, you are particularly at risk for data theft. According to the report, the business sector represents the largest percentage of breaches over a 10-year span with an average of 34.3 percent. The business category includes retail and hospitality services, as well as transportation, utilities, payment processors, nonprofit organizations and more.
Most business owners are at least somewhat familiar with the concept of data security, thanks to the efforts of the Payment Card Industry Security Standards Council (PCI SSC) and the standards they developed to help mitigate fraud and protect cardholders from data theft. But many businesses continue to act as though data theft is something that happens to other businesses and isn’t likely to be a problem for them personally. Small businesses in particular are prime targets due to the fact that they generally do not employ IT staff and dedicate significant resources to IT infrastructure.
Common types of breaches
An interesting aspect of the ITRC report is the data on the specific vulnerability that led to each breach. Breaches are sorted into the following categories: insider theft, hacking, data on the move, accidental web/internet exposure, subcontractor/third party, physical theft, and employee error/negligence.
2014 breaches occurred as follows:
Data on the move—7.9%
Hacking takes the top spot year after year. Hacking describes a type of breach where criminals are able to access sensitive data through networks from outside the server. It can be accomplished by leveraging malware or taking advantage of non-existent or faulty firewalls and other vulnerabilities within the network or point of sale system.
Protecting your business
The best defense small businesses can take to protect against hacking is to follow the PCI Data Security Standards (PCI DSS) very closely and to incorporate the tasks into everyday operations. Not sure what the standards are or how to begin complying with them? You’re not alone.
There are many PCI compliance assistance products on the market for small businesses today that are very affordable and provide step by step instructions to achieve and maintain compliance yourself.
Vantiv Integrated Payments offers Merchant SecureAssist®, a comprehensive PCI compliance tool. It includes an online wizard that guides merchants through the compliance process one step at a time and performs real time POS scans for vulnerabilities.
Find out if your payment processor offers a compliance tool or contact Vantiv Integrated Payments for more information.
Identity Theft Resource Center is a registered mark belonging to an unaffiliated third party that does not endorse or sponsor Vantiv Integrated Payments, LLC.
⊃1;Data Breach Reports, Identity Theft Resource Center, February 17, 2015, http://www.idtheftcenter.org/Press-Releases/2014breachstatistics.html
- More Secure Ways To Pay
- Small merchants use tokenization
- What merchants should know
- Merchant cash advance for small business
- What is a merchant cash advance
- Bridging the Gap Part 1: New Customer Expectations
- Bridging The Gap Part 2: Merchant's current reality
- Bridging The Gap Part 3: Digital Commerce
- Breach Report
- Safe and Sound: 4 Tips to Secure Your Business
- Securing the Customer Experience
- Top Five Payment Technologies You Should Not Ignore
- Ways Merchant Can Hurdle Mobility POS Adoption Challenges
- The Time is Now to Develop a Mobile App
- Reasons Consumers Shop Online
- PCI for Retailers
- Loyalty and Payments
- E2E and Tokenization For Your Business
- Avoiding Fraud on your ecommerce site
- The Top 3 Data Breaches of 2014
- Today's Emerging Payments Trends
- EMV: What You Need To Know
- Learn What's New With PCI 3.0
- Integrated Payments and Security
- The Four Levels of PCI Compliance
- PCI Compliance For Restaurants
- POS Security Best Practices
- What does it take to be PCI compliant?
- Beyond cuisine
- What is PCI Compliance
- Article-More repeat business for your restaurant
- Protect Customer Data at the POS
At Your Fingertips
The impending shift in liability for card-present fraud is driving a transition to EMV. Are you ready? This handbook can help you prepare.
Vantiv Integrated Payments is ready for EMV and has the technology and a network of providers that merchants need to enter the new era of payments.