payment security
32 views | +0 today
Follow
Your new post is loading...
Your new post is loading...
Rescooped by Adeniyi Adeyemi from HIPAA Compliance for Medical Practices
Scoop.it!

Hacked in 2014: The Year of the Data Breach

Hacked in 2014: The Year of the Data Breach | payment security | Scoop.it

2014 will go down as the year of the data breach, from massive hacks at retail chains to the leaking of celebrity nude photos and not to mention dangerous security vulnerabilities like Heartbleed and ShellShock that had security pros panicking.

A slew of industries like banking, retail, and healthcare have all fallen prey to cyber criminals this year. As the year now winds down, the effects of some of 2014’s most notorious hacking incidents are still being felt and will be for some time. Here are five of the year’s worst data breaches and the huge impact they are having on the state of cybersecurity.

 

Sony Pictures

The hack at Sony Pictures is the latest breach of the year and by the looks of things, will be the biggest, moving far beyond being an IT issue. A hacker group known as Guardians of Peace, or simply GOP, breached Sony’s internal systems in late November, affecting thousands of employees, several executives and celebrities, leaking as-yet-unreleased films, and demanding the cancellation of the Seth Rogen and James Franco comedy film, The Interview. This fueled rumors that North Korea was behind the attack, an allegation that continues to gather more steam. The hermit kingdom would deny involvement but still called the hacking a “righteous deed”.

However a number of large US theater chains have now dropped the film after one of GOP’s latest messages threatened physical attacks on cinemas screening the film. The number of theaters dropping the film eventually pushed Sony to completely cancel the release of the film.

The fallout continues across the board too as more and more details start to emerge courtesy of GOP, including some actors’ movie paydays as well as a heated email exchange between execs over Angelina Jolie. While Sony has hired security firm Mandiant to clean up the mess, there’s no end in sight for the leaks with each one becoming more and more serious. Sony will need a long time to mend its reputation and relationships, especially when several employees are taking legal action against the company.

 

Home Depot

Back in September Home Depot suffered a major payment system data breach for which it is still feeling the effects of, now facing 44 lawsuits. All in all 56 million credit card details and 53 million email addresses were stolen in the breach spanning April to September of this year with the company spending $43 million in one quarter to try and tame the breach’s effects.

Staring down 44 lawsuits in the US and Canada, Home Depot is looking at several accusations with one of the central claims being that the company was not complying with data protection standards. Meanwhile its recent regulatory filing added that there may very well be more damage discovered in the breach:“It is possible that we will identify additional information that was accessed or stolen.” On the plus side, people haven’t stopped shopping there as Home Depot still managed to boost its revenues in sales.

 

JP Morgan Chase

Several retail outlets have been rocked by data breaches this year but so too have financial institutions, for obvious reasons. Throughout the summer, hackers breached the bank, stealing names, email addresses, phone numbers, and addresses with the number tallying over 80 million customers and businesses. At the time, the New York Times called it the “most serious computer intrusions into an American corporation” and added that several other banking businesses were targeted too.

The attack was spread out over two months and stoked fears of wider attacks on the financial industry, which if successful, could yield serious rewards for cyber crooks. As for who was responsible for the attack, that remains unclear but original reports pointed the finger at Russian hacking networks, which has now become a recurring theme in many data breach cases and the talk of whodunit.

 

Community Health Systems

Healthcare data bases are becoming lucrative targets for cyber criminals too and while there have been several data breaches at facilities around the US, the biggest and most devastating was the August data breach at Community Health Systems. More than 4.5 million people were affected in 200 different hospitals, compromising data such as patient names, addresses, birth dates, phone numbers, and Social Security numbers but CHS insisted that no medical information was lost.

FireEye’s Mandiant, the same security firm now hired by Sony, believes that hackers in China going by the name Dynamite Panda are responsible and are allegedly the same group behind the 2011 RSA data breach.

 

P.F. Chang’s

The data breach at restaurant chain P.F. Chang’s showed that hackers will target any and all businesses. In August the company reported that payments systems at 33 of its locations were compromised and hackers made off with credit card details, names, and possibly expiration dates. However P.F. Chang’s first noticed something was awry back in June, which led to the investigation.

While this breach didn’t cause the same impact as say Target from last year or Home Depot, the incident raises more question marks over the state of retail data security and payment security as a whole, especially when security firms like McAfee predict that in 2015 point of sale attacks will evolve to become even more dangerous.

If a big company or banking institution were to get stolen from fifty years ago, the average customer could really care less. But when these companies have all of your data and credit card information at their fingertips, the potential for it to fall in the wrong hands is a legitimate problem. Whether it is politically or financially motivated, these corporate data breaches are also all part of the overarching conservation of public data, privacy, and government surveillance that we are having as a country—and it’s one that hasn’t completely played out yet.

In the end, 2014 may not be remembered as the year of the data breach, but rather the first of many. As new mobile payment systems like Apple Pay become more common, the chances for further data breaches and cybersecurity hysteria will no doubt increase. Will an increased focus on cybersecurity really prevent attacks in the future? Will the concerns result in a hesitant attitude toward mobile payment systems that will affect the adoption of the technology? We may not know the answers to these questions as of now, but a year from now, I have a feeling we will.

 

 


Via Technical Dr. Inc.
more...
No comment yet.
Rescooped by Adeniyi Adeyemi from Mobile Payments Innovation
Scoop.it!

A Funny Thing Happened On The Way To Mobile Payments | PYMNTS.com

A Funny Thing Happened On The Way To Mobile Payments | PYMNTS.com | payment security | Scoop.it
MasterCard is turning plastic, digital. It wants the world to say goodbye to “static” cards and hello to a new age of digital, “dynamic” interactive cards – an

Via Faisal Omar
more...
Faisal Omar's curator insight, December 12, 2014 2:47 AM
interactive plastic cards are a step between virtual cards and the current plastic cards. A step lower than the Coin product to some extent.I recall working with similar cards about 10 years ago which generated 3D secure PIN token in realtime for online payments use. Costs were too prohibitive for issuers to implement though. Wonder if these cards will face a similar fate.
Scooped by Adeniyi Adeyemi
Scoop.it!

Even With Apple Pay Around, Credit Cards Are Still a Hotbed for Startups | WIRED

Even With Apple Pay Around, Credit Cards Are Still a Hotbed for Startups | WIRED | payment security | Scoop.it
Today, just a week after Apple unveiled a mobile service that seeks to eliminate the credit card, Nitish Kannan will roll out a new payments technology that would be completely useless without that familiar piece of plastic we carry in our wallets.
more...
No comment yet.
Scooped by Adeniyi Adeyemi
Scoop.it!

Google has a 'Security Princess' - SFGate (blog)

Google has a 'Security Princess' - SFGate (blog) | payment security | Scoop.it
SFGate (blog) Google has a 'Security Princess' SFGate (blog) In an Elle Magazine profile, Tabriz, who leads a team charged with sniffing out security threats to Google Chrome, said that before a business trip to Japan, she needed to come up with a...
more...
No comment yet.
Rescooped by Adeniyi Adeyemi from I can explain it to you, but I can't understand it for you.
Scoop.it!

Is PCI compliance IT's job, or everyone's?

Is PCI compliance IT's job, or everyone's? | payment security | Scoop.it

A look at how national retailer Woolworths tackled Payment Cards Industry (PCI) compliance.


Via Riaz Khan
more...
No comment yet.
Rescooped by Adeniyi Adeyemi from Mobile Payments
Scoop.it!

Why Retailers Must (But Won’t) Succeed In Introducing Mobile Payment Systems

Why Retailers Must (But Won’t) Succeed In Introducing Mobile Payment Systems | payment security | Scoop.it
In the digital age, it’s critical for retailers to collect and manage customer data. This information is the key to providing personalization for any kind..

Via Graeme Lewis
more...
No comment yet.
Rescooped by Adeniyi Adeyemi from Mobile Payments Innovation
Scoop.it!

The 10 biggest issues in e-payments - Payments Cards & Mobile

The 10 biggest issues in e-payments - Payments Cards & Mobile | payment security | Scoop.it
As we head toward the close, 2014 seemed to be the year of the dinosaur— as in the outmoded creature whose days were ended in the flash of a mighty asteroid strike.

Over and over again, the ent

Via Faisal Omar
more...
No comment yet.
Scooped by Adeniyi Adeyemi
Scoop.it!

New PCI Essentials Training Course to Improve Payment Security Awareness - MarketWatch

New PCI Essentials Training Course to Improve Payment Security Awareness - MarketWatch | payment security | Scoop.it
New PCI Essentials Training Course to Improve Payment Security Awareness MarketWatch WAKEFIELD, Mass., Jul 17, 2014 (BUSINESS WIRE) -- Today, the PCI Security Standards Council ( PCI SSC), an open, global forum for the development of payment card...
more...
No comment yet.
Scooped by Adeniyi Adeyemi
Scoop.it!

Check a Hotel's PCI Compliance Before Swiping Your Credit Card - Lifehacker

Check a Hotel's PCI Compliance Before Swiping Your Credit Card - Lifehacker | payment security | Scoop.it
Check a Hotel's PCI Compliance Before Swiping Your Credit Card Lifehacker A survey found that several hotel managers were unaware that they needed to be PCI compliant—a standard of checks and measures that credit card companies require businesses...
more...
No comment yet.
Scooped by Adeniyi Adeyemi
Scoop.it!

Online Payment Solutions - Google Checkout vs PayPal vs Amazon Payments

Online Payment Solutions - Google Checkout vs PayPal vs Amazon Payments | payment security | Scoop.it
Want to accept online payments? Consider going with Google Checkout, Paypal or Amazon Payments. Compare and contrast to see which option is best.
more...
No comment yet.