Criminals Target the Data Merchants Hold

Nearly a quarter of 621 data breaches reported in 2012 targeted multichannel merchants and restaurants, according to a new report from Verizon Enterprise Solutions. Only breaches at financial organizations topped those at retailers and restaurants mainly due to the rampant exploitation of ATMs. But retailers accounted for the biggest portion of data exposed via network intrusions at 21.7 percent, Verizon notes. Verizon analyst Suzanne Widup says criminals frequently attack store point-of-sale systems as a way to either infiltrate a merchant’s computer network or to steal account data at the store checkout counter. Some retailers implementing Web-based POS systems have spurred criminals to pursue infiltration strategies. “Anything that has an IP address is a target,” Widup notes. Verizon advises retailers to make sure that POS networks, as well as all company computer networks and wireless networks, are routinely patched with updated security software. The Verizon study says payment card account data was most commonly targeted in breaches, followed by personal credentials such as user names and passwords. Criminals “favor payment and personal information that can easily be converted into cash,” the report says.

[divide]

From “Criminals Target the Data Merchants Hold”
Internet Retailer (05/09/13) Demery, Paul