Datonomy has been reflecting on the danger of payment processing and the risk that faces both retailers and their customers at this time of goodwill to all men (and large, frequent card transactions). The Heartland payment systems security breach is almost a year ago now yet there is a danger that the lessons will be forgotten. Heartland had over 130 million credit and debit card details stolen by SQL injection – a relatively well-known code injection technique. Due to the nature of Heartland’s business, 1,000s of small retailers were affected along with the larger players such as the 7-eleven chain.
Datonomy has been discussing the impact of data loss for retailers with its sister blog Fashionista-at-law. Retailers can be a particular target for computer hackers due to the sensitive customer information they carry. As well as payment data, retailers can potentially hold customers’ address, email and occasionally even date of birth – more than enough to set up a fraudulent identity.
Not only is losing lots of customer information incredibly embarrassing for retailers, but it may lead to legal claims, particularly if proper compliance procedures were not followed, and may even harm the share price. IT departments suffer from a range of pressures but, in Datonomy’s idealistic opinion of the world, data security should be the last thing to cut back on. Regular IT testing and upgrading can save money and reputation and, in Datonomy’s opinion, is the key to surviving the winter season computer bug- and virus-free.