This week, we take a look at retail security from a number of distinct angles. From online security threats and lessons learned from recent online data breaches, to the long-term impact of a data breach on a business and its financial future, to the headspace of shoppers who are coming to terms with recent terrorist activity and causing a cooling effect on retail and travel. Here are three retail security stories worth a read in the midst of the holiday shopping season.
Lessons From 3 Major Retail Security Breaches
In a recent article, PropertyCasualty360 offers up three succinct lessons gleaned from data security breaches in the retail sector from the past few years. While retailers have not necessarily been the most frequently targeted by cybercriminals, as the article points out, the volume of records stolen in retail security hacks account for a large percentage of total data stolen in payments data breaches in recent years.
Using trusted third-party vendors tops the list of lessons learned from the Home Depot and Target hacks. As smaller retailers struggle to keep up with constantly evolving cyberthreats to their POS systems, they often turn to third-party vendors to update and maintain their equipment. Vetting these providers is key, as is retailers educating themselves enough to understand the types of services these vendors should be providing to ensure all in-store systems remain bulletproof.
Another lesson learned — this one from the eBay hack — is the importance of being able to detect threats and potential threats early. It took the major online peer-to-peer marketplace nearly three months to detect a hack, which could have been thwarted with more attention given to detecting signs of hackers and their malware at work in the system. As cybercriminals become more sophisticated, retailers’ ability to spot them at work must evolve as well.
Target Agrees To Pay $39 Million To Banks For 2013 Breach
This past week, Target reached a settlement agreement with issuing banks for costs incurred during its now infamous 2013 data breach. The settlement could set a precedent for retailers involved in similar breaches, as it marks the first time a major retailer has been forced to absorb costs associated with such an infraction.
The Minneapolis Star Tribune reports that this $39 million payment will resolve a class action lawsuit filed on behalf of several U.S. banks for losses sustained after the 2013 breach that exposed credit and debit card information for 40 million customers and personal data from nearly 70 million more shopping at Target stores nationwide.
The payout marks the latest in a series of settlements associated with the 2013 breach, which has cost Target stores an estimated $290 million, according to the Star Tribune. That figure includes $67 million paid to Visa-issuing financial institutions, as well as $10 million to consumers impacted by the breach. Target has said that about $90 million of these costs have been covered by its insurance company.
The $39 million settlement is still awaiting court approval. Meanwhile, Home Depot and several other major retailers are currently engaged in similar litigations.
Ripple Effects Felt In Retail Following Recent Terrorist Attacks
It’s an unfortunate reality that we live in a time of increased violence and terrorist activity, which crosses borders and belief systems and impacts everything from travel to commerce. After the recent terrorist attacks in Paris and the incident in San Bernardino here in the U.S. just this past week, cities around the globe are responding with increased security in public spaces, including shopping districts, which are usually bustling this time of year.
The New York Times recently reported on the immediate impact the Paris attacks had on the holiday shopping season in the city, while Forbes did its own piece on the economic impact of terrorism across various industries. And while the primary concern is safety, it is undeniable that there can be long-term effects on commerce for cities impacted.
Shortly after the attacks, Paris Mayor Anne Hidalgo pledged to not only ramp up security throughout the city but also committed funds to bolster industries impacted by the attacks, including tourism and retail in the City of Lights. Marketing campaigns are planned that utilize fashion icons avowing their love of the city in an effort to bring travelers back.
Even increased security on public transport can cause a ripple effect for retailers. An incident in a London underground station over the weekend, which has been identified by London authorities as a “terrorist incident” and left two passengers injured with stab wounds, has led to increased security throughout the transit system. Riders may choose to postpone holiday errands or go online, not feeling comfortable traveling to and from shopping centers during times of unrest.