« Back to All News
The Year of the Breach
The Year of the Breach
December 19, 2014
Print

The Year of the Breach

By Aaron Passman

Published by Credit Union Journal, December 19, 2014

It’s the most wonderful time of the year — unless you’re paying with plastic, in which case this holiday season might be a little scarier than in years past. The biggest financial story of 2014 didn’t actually begin this year. One week before Christmas 2013, news broke that Target Corp. was the victim of a massive data breach, with 40 million customers’ credit and debit cards exposed.

Since then, retailers including Home Depot, Jimmy John’s, Bebe and many others have been hit, along with a massive attack on Apple’s iCloud during the summer, which exposed thousands of users’ private information, along with compromising photos of celebrities such as Jennifer Lawrence and Kate Upton.

Target’s breach was the result of weaknesses on behalf of its HVAC vendor, which ultimately enabled hackers to gain access to the company’s POS terminals. Bluepoint’s Tilbury noted that one factor that made the Target breach such a big story wasn’t just the retailer’s high profile, but the timing — dead center between Black Friday and Christmas. So now that the 2014 holiday shopping season is almost in the books, what can credit unions do to protect themselves and their members?

“If they haven’t done something by now, it’s too late,” said Tilbury. Much of the problem, he explained, is that many of the vulnerabilities happen at the point of purchase, which is out of the control of credit unions. “Obviously in terms of safeguarding their own information, [credit unions] can do a lot, but in terms of somehow protecting a transaction that happens at a second party, I don’t know how much they can do.”

One of the major takeaways from this year is that anyone can be a victim. And that applies to credit unions as well as retailers, emphasized Andrew Tilbury, chief marketing officer at Bluepoint Solutions. “CEOs are on notice that if they fail to respect safeguarding their members’ information, it could have disastrous impacts on their reputation, their career and the reputation of their credit union,” Tilbury said.

Print