Data Security

Cybercriminals Are Getting More Sophisticated
July 26, 2021 at 12:23 pm

Internet fraudsters are on the prowl more than ever before due to the COVID-19 e-commerce boom. Consider that by mid-March 2020, online shopping in the U.S. surged 35 percent from 2019 levels, and card-not-present spending grew 30 percent in the last quarter of 2020, primarily driven by retail spending, as reported in Visa’s Q1 earnings. Cybercriminals…

Retailers and the Credential Stuffing Crisis
July 6, 2021 at 12:58 pm

Credential stuffing attacks — in which hackers use credentials exposed in prior breaches to attack new sites — are soaring, with 193 billion documented incidents globally in 2020. The pandemic is a primary driver behind this increase; the abrupt shift to remote work, creation of new online accounts, and increased reliance on e-commerce all provided…

The 2021 Compliance Benchmark Report: What Retailers Need to Know
May 17, 2021 at 4:29 pm

On April 20, leading cybersecurity and compliance firm A-LIGN released the 2021 Compliance Benchmark Report, a first-of-its-kind cybersecurity benchmark survey that lets organizations compare seven aspects of their compliance programs to peers by industry, by revenue, and by employee size. The report analyzes survey results from over 200 cybersecurity, internal audit, and other professionals about…

When Determining the Right Preference and Consent Provider, Know the Differences in Capabilities
April 8, 2021 at 5:34 pm

Thousands of companies today, large and small, are realizing the importance of building trust and giving customers a voice through functions such as customer consent and preference management. Regulations such as GDPR and CCPA, as well as customer backlash related to poor customer experiences, has forced much of this shifting environment for brands today. Why…

Consumer Data Privacy: The Wave About to Hit Retail
March 29, 2021 at 4:25 pm

The consumer data privacy topic may feel like a slow rolling, deep water wave, far offshore without imminent threat, but in reality, there are many waves rapidly gaining in size and speed, and they’re hitting all at once. The first ripples started several years ago in the European Union with an abstract-sounding acronym “GDPR” and…

PCI DSS: A Guide to Compliance for Retailers
March 23, 2021 at 5:58 pm

As e-commerce grows, retailers continue to be a prime target for cyber attacks due to the higher volumes of personally identifiable information (PII) and payment card information (PCI) being handled. This data can be sold, used and exploited by malicious actors for potential financial or personal gain. With retail sales fluctuating year-over-year, customer trust and…

Kroger Customer Data Compromised by Vendor Hack
February 22, 2021 at 7:13 pm

Kroger Co. said in a statement Friday that personal data, including Social Security numbers of some of its pharmacy and clinic customers, may have been stolen in the hack of a third-party vendor’s file-transfer service. The third-party vendor, Accellion, was used by Kroger as well as many other companies for secure third-party file transfers. Accellion notified Kroger that…

3 Key Steps to Provide Secure and Seamless Online Experiences
February 14, 2021 at 2:10 pm

A recent survey revealed that more than half of all consumers (56 percent) plan to continue shopping primarily online post-pandemic, compared to just 5 percent who say they will shop only in-person afterward. In fact, data showed that half as many people shopped inside stores last Black Friday compared to 2019, while, in stark contrast,…

How Retailers Should Address Magecart Web Skimming Attacks
February 10, 2021 at 12:40 pm

In my previous article about Magecart web skimming attacks, I recapped some of the noteworthy victims of this cybercriminal collective and how attackers managed to breach them. Today, security teams in retail are mostly aware of this threat, however, navigating the different technologies and products that claim to be effective towards Magecart isn’t an easy…

The Growing Threat of Web Skimming Attacks in Retail
February 3, 2021 at 4:43 pm

Magecart was certainly one of the most infamous names in 2020 when it came to cybercrime in retail. Just a few years ago, the notion of having cybercriminals silently place a skimmer in your own e-commerce website would sound absurd. Yet, to date, thousands of retailers have been breached, unknowingly allowing attackers to steal their…