We all feel the hit when a major retailer gets hit with a
breach the first time. How does it feel to see the same retailer hit again?
Well, it’s going to cost you some business, at least as far as credit card
transactions are concerned. I know I won’t be using my credit card at Sally’s
anymore. “On March 5, 2014, [it was] reported that a batch of more than 282,000
cards that went up for sale on Rescator[dotc]cc — the same site that was first
to sell cards stolen in the Home Depot and Target breaches — all traced back to
customers who’d shopped at Sally Beauty locations nationwide. Asked about that
pattern at the time, a company spokesperson said Sally Beauty had recently
detected an intrusion into its network, but that neither its information
technology experts nor an outside forensics firm could find evidence that
customer card data had been stolen from the company’s systems” (Krebs on Security, 2015) .
“But
on March 17, 2014, Sally Beauty officially confirmed a breach of its network,
but said its investigation determined that fewer than 25,000 card accounts were
removed from its network. Nevertheless, a subsequent, exhaustive analysis of
the Sally Beauty store ZIP codes listed in the cards for sale on Rescator’s
site indicated that the 2014 breach impacted virtually all 2,600+ Sally Beauty
locations nationwide” (Krebs on Security, 2015) . I’m more interested
in understanding how the attackers were able to get in. Could Sally Beauty have
been able to prevent these breaches? Were they protecting their networks? I
would like to see more information on this so that I can decide as a customer
if I should continue to do business with this company. I prefer doing business
with company’s who value my card holder data. It’s important to me that
businesses protect my information otherwise I won’t want to give them any of
this information. I suppose I’ll have to wait until further investigation is
done on this matter.
Reference
Krebs on Security. (2015, May). Sally Beauty Card
Breach, Part Deux? Retrieved May 4, 2015, from Krebs on Security:
https://krebsonsecurity.com/2015/05/sally-beauty-card-breach-part-deux/
No comments:
Post a Comment