In Issue 1...

Customer Information Security - Your customers are direct targets, too.
Join Our Mailing List

In this issue, we discuss how "hackers" are directly targeting businesses to access non-public customer information.
There seems to be a recent rash of reports about large numbers of non-public customer information falling into the wrong hands. The Bad Guys don't seem to be targeting the banks directly, but going after their merchant customers.

A recent case uncovered over 40 million credit card accounts from across the world had been sold by a single ring. They had stolen many more millions of cards, but hadn't yet sold them all. The card information ring had been 'in business' since 2003, and wasn't shut down until February of 2007.

The targets of this ring reads like a Who's Who of American retailers – TJ Maxx, Barnes and Noble, BJ's Wholesale Club, The Sports Authority, Office Max and Boston Market.

TJ Maxx alone had 45 million cards stolen. In their case, a single store was targeted in the Miami area where a program was loaded that gave the hackers access to the customer information as quickly as it was entered into their merchant card system.

The crooks also pilfered Debit Card information. They encoded cards which were used to steal tens of thousands of dollars from ATMs.

For consideration: What is your plan if a merchant customer of yours is breached? What are your liabilities? What is your policy if you have one customer that has $500 taken from a checking account? What if it's 10 customers? Or 100? What is your Reputation Risk? GLBA requires that you verify the security of your vendors, but what about the security of your customers?

For more information:

11 Charged in Global Theft, Sale Of 40 Million Card Numbers

Hackers affect debit and ATM networks


Copyright 2014 Bison Risk Management Associates
[925] 658-4457
1145 2nd Street • #A251 • Brentwood, Ca • 94513