Posted on October 5th, 2015
For too long, some companies have shirked their responsibility to protect their customer’s personal information. Furthermore, it is believed that these companies simply gave lip service to how they went to great lengths to protect customer information. Do you think it’s true that many companies don’t make customer confidentiality a big enough concern? Well for many, this is about to change.
Apparently, some executive management teams simply don’t really care much if customer information is stolen as long as they still have access to it locally. Supporters believe that execs don’t see how another person having the data outside of their company could hurt their profits. As long as the company still has it, they can still reach the customer, solicit more business and make money. These companies haven’t felt the pain brought on by ransomeware yet.
If these companies simply don’t care that much about being hacked, they certainly know how to put on a show that “security is of paramount of concern.” What do you think, are some companies simply bragging about the millions of dollars spent to re-enforce cyber security defenses but, in truth doing very little?
Take Subway restaurants for example where 146,000 victims had their credit cards stolen which led to $10 million in fraudulent charges. source After investigating the incident, researches learned that some sandwich shops had “directly and blatantly disregarded” the franchisees security and POS configuration standards. Who paid for the $10 million in losses? In most cases like this, the banks have taken the hit plus they pay the expense to reissue new credit cards. All of this is of course passed onto their customers (I.e. you and me). BTW: Subway later announced that they spent money to reinforce their cyber security but, other than this expense, how were they hurt when their customer’s identity was stolen? Answer: maybe they weren’t much at all as cyber crime happens so frequently these days that it probably didn’t put a dent in their good will.
This lack of caring will change in the near future for 3 reasons:
On Monday, in a 3-0 decision, The United States Court Of Appeals for the Third Circuit ruled that the Federal Trade Commission has the authority to sue companies for allowing hackers to steal customer data from their computer systems. The court’s ruling sends the FEDERAL TRADE COMMISSION v. WYNDHAM WORLDWIDE CORPORATION case back to the lower court.
In 2008 and 2009 hackers absconded with the personal data of over 600,000 Wyndham Hotel customers which resulted in more than $10 million in losses.
The court determined that lack of adequate security provided by Wyndham is, in fact, engaging in “unfair or deceptive acts or practices in or affecting commerce” – the very thing the FTC is designed to prevent.
What can we do to beef up our cyber security defenses?
Need help performing the above? Contact our experts for a complementary consultation and evaluation.