2014: The Year of the Data Breach?

By Sheila Hoeppner, Director of Fraud & Risk Products, Xerox Services

News coverage of companies experiencing a data breach seemed nonstop in 2014. The ID Theft Resource Center is reporting as many as 633 new data breach notifications per day in 2014.

A data breach is typically defined as an incident involving technical security in which sensitive information is obtained either by theft, or collusion, by someone who is unauthorized to possess the information. Financial information such as credit or debit card magnetic stripe data and PINS is usually a favorite target of criminals, although trade secrets and corporate intellectual property can also be stolen and sold on various “darknet” or “deepweb” file sharing sites.

The industry at large is working hard behind the scenes to prevent these data breaches and protect consumers’ credit and debit cards as well as cards from disbursement programs. For starters, the government and companies like Xerox that manage card disbursement programs are constantly monitoring the latest advances in technologies to protect information, as well as the tactics hackers use to obtain private information. In fact, the U.S. government is starting the process of migrating magnetic strip cards to EMV (Europay, MasterCard and Visa), a global standard for inter-operation of integrated circuit cards or chip cards. The new chip cards provide a more complex authentication for credit and debit card transactions making counterfeit activities more difficult.

CNET suggests simple steps for protection like changing your passwords every few months and not using the same passwords for both personal and work needs. It’s also critically important that consumers take an active role in their cybersecurity. Make sure to monitor your account transactions and report any suspicious behavior immediately. Most companies like Visa, Mastercard and Xerox have a fraud protection team monitoring client accounts for inconsistent activity and encourage reports from clients.

Additionally, it’s important to be leery of any phone calls or emails asking for account numbers or passwords. Criminals are using very sophisticated equipment that can make the request seem legitimate. Do not respond to a phone call or an email asking for any sensitive information. Independently contact the account provider and ask if they recently contacted you for the information. If not, you can report the incident to the fraud protection team for further analysis.

Because this is such a critical part of protecting and serving customers, companies need to consider working with a partner who is an expert in fraud protection and:

Uses the latest technology to thwart cyberattacks. Hackers are constantly upgrading their technology to “break” the system so companies protecting information must do the same.

Executes vigilant account monitoring. Monitoring and flagging suspicious transactions is extremely effective at stopping hackers and minimizing loss.

Participates in annual or semi-annual penetration tests. These tests expose weaknesses within a system that can be addressed to provide better protection.

Incorporates best practices across the industry. When it comes to fraud protection, everyone is in it together and successful techniques must be shared and implemented industry-wide.

Though we may see an uptick in data breaches from the increased news coverage over the past two years, the industry has been facing this concern for more than 10 years. But it’s not a losing battle, and precautions can be taken to ensure private information stays private. Being a vigilant and proactive consumer will protect your account from unauthorized access and by working with a strong, attentive and dedicated partner, companies and government agencies can provide vital, active cyber protection for their clients.

Comments

Your email address will not be published. Required fields are marked *