On the 5th Day of 'Holidays' My True Love Gave to Me… A Data Breach

Posted by Amanda Nieweler

on December 8, 2014

Don’t Be Target To A Data Breach This Year

Last year, around this time, we learned of the data breach at Target. Millions of credit card numbers were stolen along with many more million pieces of customer data.

Just because this happened last year, doesn’t mean the possibility of it happening this year is any less possible.

A few months ago, we wrote about a credit card breach in Home Depot. Account information of 56 million cardholders was compromised.

It stands to reason that millions more transactions will be taking place this time of year. And businesses are certainly at risk. illustration icon outline of credit card

In the case of Target, investigations showed that Target already had every system in place to prevent the data theft – state of the art systems, monitoring, and alerts. However, someone on their compliance and security teams saw an alert and chose to ignore it. HQ was notified three times about funny business in the few months leading up to the holidays before finally taking a stand. However, customers weren’t notified until after the holidays of the breach – not the best customer service.

In the case of Home Depot, according to computer experts inside the organization, the risks were clear, and the company was warned for years that it might be easy prey for hackers.

Alarm bells were ringing as far back at 2008, but according to former employees, the home improvement chain was a wee bit slow to raise any proactive defence.

We’ve seen these thefts and fraudulent acts before at merchants, including Albertsons, Neiman Marcus, UPS. Security experts say retailers have not only been complacent about security, they have also been reluctant to share information with one another. Government officials estimate that as many as 1,000 retailers have been infiltrated by variations of the malware that first struck Target.

Our mission is to help organizations prevent these types of fiascos before they get out of hand. But all too often, that fiasco has to rear its ugly head before businesses actually take action. And here’s the crazy part – typically an employee already knew what was happening. That employee tried to come forward but was ignored.

Stop the Insanity!!

Okay that’s a little extreme, but you get the picture. This early warning system – the whistleblower tip – is documented in the ACFEs 2014 Report to the Nations. Globally, whistleblower tips account for 40% of reported frauds – possibly preventing potential disasters, or halting an increasingly growing threat in its tracks.

Over the last few years, we’ve seen how the power of whistleblowers can effect change, hold companies accountable and stop corruption. The spotlight on the critical role they could have played is seen in the absence of them in some of the biggest ethical lapses and most devastating frauds in history… (Enron).

Investigate all complaints to determine whether they warrant further investigation or not. Guard against retaliation and ensure employees feel confident that they will be supported for raising concerns about workplace misconduct and not end up in trouble for doing the right thing. Promote your whistleblower program by training employees regularly, having lunch and learns, and providing personal materials they can keep with them to reference anytime they need to blow the whistle.

Don’t let a data breach put the kibosh on your end of year business success. We can’t stress enough how important it is to implement an ethics reporting system, and actually let employees use it.

eBook: 7 Reasons to Implement a Whistleblower Hotline