More Data Breaches Expected This Holiday Season

Retailers are still trying to regain their footing from last year’s massive data breaches. But as stores like Target and Neiman Marcus finally stabilize for the holidays, experts say ‘tis the season for more – and more sophisticated – big hacks.

Cybersecurity firm Dispersive Technologies wants to get the message out to merchants in time for holiday shopping. “It’s just a matter of when they’re going to get hacked, not if,” Dispersive Technologies CEO Robert Twitchell says.

That’s daunting news for both retailers and shoppers, who are still rebounding from last year’s high-profile breaches.

Just before Christmas last year, Target saw debit and credit card information stolen from 40 million of its accounts, in addition to contact information of 70 million of its shoppers – the biggest data breach in US history. Neiman Marcus saw its own shoppers’ information stolen, announcing that between July and October of last year the credit card information of 350,000 customers was stolen. The retailer also said more than 9,000 cards were fraudulently charged.

Data breaches multiply

But while 2013 revealed just how widespread hackers can reach, reports say cyberattacks on US stores increased this year. According to the Identity Theft Resource Center, so far this year 644 breaches have been reported – a 25.3 percent increased from the same period last year.

Some of those worst-hit include eBay, which saw login information stolen from 233 million users, and Home Depot, which saw 2,000 of its stores plagued by credit and debit card information breaches. UPS, P.F. Chang’s, Goodwill, Dairy Queen and Orange Julius all saw similar card information hacks, too.

Growing hacker sophistication

Unfortunately for stores and shoppers, cyberthiefs are constantly upping their game. According to recent data from cyber security solutions company Trend Micro, the average price on the black market for credit and debit cards has gone down. That means hackers will be seeking newer ways to steal consumer information.

Mobile payments platforms could be the next big target for these hackers, reports say. Trend Micro’s report, The Invisible Becomes Visible, predicts that in 2015 data breaches will more frequently hit the mobile devices that carry consumer data, and the companies that store it. “In 2015, we expect attackers to hack smart device-makers’ databases to steal information,” Trend Micro writes.

The company also predicts a more diverse range in targets from these cyberattacks, but that financial information will continue to be some of the most sought-after data.

But retailers and consumers aren’t defenseless. Trend Micro says online shoppers should consistently change their passwords on mobile devices, while merchants must constantly monitor their networks. Twitchell, meanwhile, urges stores to boost security measures and educate themselves on the newest strategies and technologies used by today’s hackers. Shoppers, meanwhile, should minimize their online purchases and buy software protection, he said.