Following reports of the well-documented Target data breach in 2013, the need to improve the existing security framework to ensure that customer credit card numbers and other personal data are no longer at risk has been brought up by corporations and media alike. Target Corp. responded to their data breach with a change in CIO and CEO, the latter being appointed earlier today. The widespread publicity surrounding the Target breach has brought added attention to the problem, but unfortunately it hasn’t prevented other similar breaches from occurring in its wake.
The entry point for the afflicted 70 million customers in the Target breach was the point-of-sale systems, and it is believed that this same route was used in the recently reported Goodwill data breach. Goodwill Industries International, Inc. reports that it is working with the U.S. Secret Service on investigating the breach, but there is no information regarding loss of customer credit card numbers, personal data or the scope of the breach. With respect to increasing security frameworks of not-for-profit companies, Mike Lloyd, CTO of RedSeal Networks, stated to TechNewsWorld: “Many organizations have been in denial for too long … Many industries are loved by the public and can lapse into thinking they don’t have enemies, and so don’t really need to worry about security.”
Brian Krebs from KrebsonSecurity.com states that there may have been up to 21 states affected by this data breach and that it reflects behaviors similar to the compromised credit and debit cards used in the Target breach.
[ Image courtesy of jscreationzs / FreeDigitalPhotos.net ]