First comes the notification that your personal data have beencompromised in a data breach. And as sunset follows sunrise,increasingly that notification is followed by actual dollar lossesin fraud on personal accounts, said Javelin Strategy and Researchin its recently released 2013 DATA BREACH FRAUD IMPACT REPORT:Mitigating a Rapidly Emerging Driver of Fraud.
|Wrote Javelin: “A single massive data breach can result inbillions of dollars in consumer fraud losses. Data breachvictimization has been increasingly correlated with fraud incidenceover the past three years, with a walloping 23% of data breachvictims in 2012 becoming fraud victims.”
|Worse news: data breaches are multiplying as cyber crooksrecognize that credit and debit card numbers are as good as cashand, increasingly, they are easily stolen from poorly protecteddata caches.
|In an interview, Javelin risk expert Al Pascual said that,generally, financial institutions are doing a good job protectingaccount numbers and the rest of the information coveted by cybercrooks.
|But other kinds of businesses – from online merchants to bricksand mortar retailers, hotels and restaurants – are not necessarilyas thorough in safeguarding their account data and they are underattack by skilled hackers.
|Usually, said Pascual, the company whose data cache is hacked may sufferreputational losses but the hard dollar losses are suffered byindividual consumers and also by financial institutions that, inmany cases, absorb their customers' losses.
|Advised Pascual: “You have to make it more difficult for thefraudster. We are not saying you can stop every breach. But bigbreaches often are the result of simple mistakes.”
|Mistakes – careless handling of data – are commonplace, observedPascual. He noted that 80% of the 25 largest banks “stillallow use of Social Security numbers for authentication,” apractice he advised be discontinued.
|“The Social Security number is the key to the kingdom forcriminals. It can lead to account takeover and identity theft,”Pascual said.
|Javelin recommended that enterprises take simple steps to betterprotect account data. Included in the recommendations are: Conductregular security audits; don't store data unnecessarily: encryptdata; and assess risk annually.
|“The fixes for the data breach problem are fairly obvious,”Pascual said.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
- Exclusive discounts on ALM and CU Times events.
- Access to other award-winning ALM websites including Law.com and GlobeSt.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
