Data breaches are, generally speaking, no longer particularly noteworthy events. Obviously, they hold a great deal of significance for the business itself and any clients, customers, employees or partners who may be affected. But beyond this immediate impact, data breaches have become so commonplace that they receive little more than shrugs from the general populace.
However, a recent data breach was so wide in scope and significance that it has received a great deal of attention, and raised concerns about the state of cybersecurity. This breach, which hit retail chain Target, has put millions of individuals at risk, and should serve as a reminder for business decision-makers to pursue high-grade data protection resources, such as secure file transfer solutions.
A big target
Target recently acknowledged that cyberattackers have compromised as many as 40 million customers' personal information via a successful hacking effort. This makes the event one of the most wide-reaching cybersecurity failures in history. This exposed information included individuals' names as well as credit card numbers, expiration dates and verification codes. As NBC News noted, this is all the information needed to create a counterfeit credit card.
The breach was ongoing from Nov. 27 through Dec. 15. In a press release, the company stated that either Target or the individual's bank would be responsible in the event of fraudulent charges. Additionally, Target is offering free credit monitoring services for anyone potentially affected by the incident.
"Target's first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence," said Gregg Steinhafel, president and CEO of Target.
An expensive event
While the total costs of this Target breach are as of yet unknown, there is good reason to believe that this will prove a very expensive incident for the company. NBC News reported that in 2007, T.J. Maxx and Marshalls experienced a data breach which led to the theft of more than 45 million customers' information. In June 2009 TJX Cos., which consists of both T.J. Maxx and Marshalls, reached a $9.8 million settlement with data breach victims. Despite the high price tag, TJX Cos. maintained that the data breach did not indicate a violation of any consumer protection or data security compliance regulations.
And as USA Today reported, three separate class-action lawsuits have already been filed against Target. The complainants are seeking more than $5 million in damages.
Furthermore, the news source reported that attorneys general in several states have asked Target for more information concerning these breaches. This may represent the early stages of what will become a multi-state investigation. Such an investigation may lead to tremendous fines and other sanctions.
The seriousness of this breach, and the attention it has drawn from the media, emphasizes the need for data security at businesses of all kinds. Firms need to embrace secure file transfer solutions, firewalls, antivirus programs and any other cybersecurity solutions that could reduce the risk of experiencing such a damaging incident.