Target breach continues to yield further privacy issues
February 3, 2014

Although most retailers look to the final weeks of the year as the best time to maximize annual revenues and drive customer engagement going into January, Target suffered a devastating blow that made headlines in late December. Now, the massive retailer is still reeling, trying to get a handle on the breach that led to the exposure of more than 110 million customers' personal information.

Businesses that manage financial data need to be extremely careful and take proactive approaches to access management, as one vulnerability can lead to massively negative consequences. Studies indicate that a mere 6 percent of businesses in the United States survive for more than two years following a substantial loss of data, and stronger authentication practices can mitigate these risks. 

Going into the next few months, Target will have to literally scramble to get the breach under control, notify all of the impacted customers, earn back the trust of clientele and many other costly activities to survive this devastating breach. If there is one lesson to learn from this event, it is that a breach can never be simply swept under the rug, and that a lack of exceptional identity management can lead to significant instances of theft. 

Not going away
Rochester Homepage recently reported that Target's officials have provided customers with myriad warning since the breach first occurred more than a month ago, and that investigators believe roughly 110 million shoppers' names, addresses, phone numbers and email addresses are in the hands of criminals. This is more than enough information for an identity thief to do his work, setting up fraudulent accounts and levying funds from someone else's credit.

The source interviewed Jon Maurer, an Information Security Officer, who explained that payment card data must go through 200 requirements when being stored, and even the lack of one can be a major vulnerability. 

"For large retailers they are supposed to be audited on a regular basis, and therefore they're supposed to be in compliance with these payment card industry data security standards," he told the news provider. "So for the consumer that's just sitting there at the terminal swiping their ability to discern whether the company is in compliance with all of those 200-plus requirements is very difficult."

As many financial institutions, payment processors and retailers have learned the hard way in the past several years, trying to stop damages from growing further after a breach occurs is almost impossible. A proactive approach to multi-factor authentication can often halt the breach before it occurs, or at least control it during the aftermath. 

Is it the worst?
NBC News recently reported that some experts are calling the Target breach the worst in recorded history, as it has already cost the company more than any other organization has had to pay for a breach. What's more, as aforementioned, the costs keep going up and will not likely peak for several months, if not years. 

However, while this broke the record for both costs and the number of individuals impacted, the source argued that breaches of this type have become relatively commonplace. Hackers have become exceptionally apt at circumventing either antiquated or vulnerability-filled security practices, and firms that manage financial data have yet to make a big difference in their pursuits of access control. 

Regardless of which industry an organization operates within, though, authentication must be a high priority going into the next several years. Identity theft and data breaches remain some of the most common and damaging economic threats in North America today. Through more widespread and comprehensive use of advanced access control measures, firms can begin to fight the crime from the ground up.