Data breaches have always been a concern for online shoppers. Breaches of brick and mortar establishments like the Sonic Drive-In restaurant chain and Whole Foods, however, have shown that personal data can be stolen anywhere debit or credit card information is used. Here are four lessons learned from recent data breaches.
Cash is Still King
Shoppers may want to consider cash purchases whenever possible. The Sonic data breach likely involved hackers accessing the Sonic database of credit card and debit card information. Sonic is one of many fast food restaurants that accept electronic forms of payment. The number of customers using bank debit cards to pay for their food purchases has risen significantly in recent years.
A wiser alternative for smaller purchases is using cash. Carrying a small amount of cash is preferable to having one’s bank account drained by hackers. In the case of Sonic and similar restaurants, a car hop or waitress will always appreciate a cash tip as well. Cash can also be used for purchases at convenience stores while traveling and it’s always handy in the event a merchant’s card processor is down.
Hackers Have Evolved Beyond The Internet
There’s an old saying: what goes around comes around. In the case of hackers this is very true. Hacking can be traced to the earliest attempts to break code machines during World War II. In the modern era, old school hackers like Kevin Mitnick began their careers before the dawn of the Internet by hacking pay telephones for free long distance. The Internet, of course, made a vast amount of personal information available to data thieves. Now, things have circled back again as hackers focus on offline targets.
In truth, incidents like the recent Whole Foods data breach demonstrate that brick and mortar businesses are subject to these attacks because their payments are processed digitally. One might not associate scanning their debit card at Whole Foods with an Internet transaction, but the technology used is basically the same.
The wrinkle is that some physical retailers might not be using the same standards of encryption that are found at online shops. This means that shopping with a debit card at a local home repair store might pose a greater security risk than shopping at Amazon.
Retailers Must React Quickly
No retailer wants to admit that they have suffered a data breach. It is imperative that the company affected immediately implements a damage recovery plan. The starting point is to notify customers that they may have been affected.
Some banks are now using an automated system to minimize the damage from data breaches. When a breach is discovered, cards believed to have been affected can be automatically canceled. A recorded message is also sent to cardholders advising them of the situation. These are just a few of the proactive steps which can be taken by companies.
Time is of the essence during a data breach. Personal information can be sold on the Internet within minutes of being stolen. Once it reaches the eyes of a digital thief, the damage can mount in a very short period of time.
Expect a Greater Demand For Free Credit Monitoring
There are many credit card companies which now offer free credit monitoring in cooperation with the three major credit bureaus. Of course, even these important clearinghouses are not immune from the attacks of hackers. Equifax recently suffered a data breach of its own.
Credit monitoring can alert consumers to unusual activity on their debit or credit card. This alert may not always prevent personal information from being used by hackers, but it can stop the bleeding. The recent data breaches may prompt more credit card issuers and banks to offer free credit monitoring in response to customer demand.
One certain takeaway from these data breaches is that the cat and mouse game between data hackers and merchants will increase. When one side finds a vulnerability, the other develops countermeasures. The war for digital data is ongoing.