Wendy's Data Breach
It seems far too often we are reading about another data breach... but why?
Wendy's is the latest data breach victim to be publicly outed and it's really starting to come as no surprise. I almost expect to be reading about another breach almost on a weekly basis. The vast amounts of data and vast amounts of those attempting to steal that data makes it almost inevitability.
However, also within that context is another true statement that is very telling about digital security. Company's and individuals simply aren't doing enough when it comes to digital security to successfully mitigate the risks associated with conducting business and activities online. This article examines what happened to Wendy's and what this tells us about digital security in today's ever digital world.
Looking for other great articles about digital security? Check out these posts from our blog! Also, if you're looking to make your CMS more secure, download our 'CMS Security Checklist'!
- One Step to a safer WordPress Website
- It's a Trap! The Major Flaw in Proprietary CMS
- 1 Easy Way to Improve your Google Ranking
1. What happened?
Well, in short - Malware happened. Malware is essentially malicious software installed on your computer - generally without your knowledge. Wikipedia defines malware as:
"Malware' is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software."
Wendy's has reported that sophisticated malware on their computers was used to steal credit card information including credit card numbers, cardholder names and expiration dates. The malware specifically targeted this information within their system. There is no doubt, the level of sophistication that Wendy's was attacked with was impressive, but most likely could have been prevented. This is something that no CEO wants to hear at the same time the CFO is crunching numbers for what it's going to cost in damage control.
2. preventative measures
The amount of data breaches is ever increasing in the United States - and that is a trend that this blogger does not see changing anytime soon. As seen in the chart provided (courtesy Digital Guardian) we've seen a significant increase since 2005.
With this is going to come an increase in the demand for digital security services. Whether that's increased security at POS (point of sale) devices like credit card swipers and scanners to increases in online security services like those who make websites with increased security measures as well. Basically, the demand for preventative security measures should increase along with the increase in breaches.
3. this is gonna cost them
It's quite possible that there isn't much Wendy's could have done to prevent this type of data theft... but not likely. Malware can be devastating but with today's more sophisticated approaches to detecting and rooting it out, it's more likely than not that increased use of digital security software, or better use of digital security best practices could have easily prevented this attack.
So one must ask, why was this allowed to happen? I would bet my left arm that right now Wendy's is reaching out to enterprise level digital security firms setting meetings, requesting consultations and reviews of their practices and software, scanning their servers... the list goes on. Bottom line, this is going to cost them. This is going to cost them in more ways than one and I don't think it's an overstatement to say that it's going to cost them a lot more than increased security measures would have. Just like health care, preventative care is always the best option for both your health and your wallet.
Someone is going to have to answers for why they didn't have more robust security measures in place and I wouldn't want to be the guy who has to answer that question with "we were trying to save $$$ so we were using outdated, under powered, and inappropriate security measures". This goes for both the software they use (anti-virus, malware prevention) and with best practices when it comes to security (passwords, user access, etc.).
WHAT THIS TELLS US:
What Wendy's data breach really tells us is that no one (or company) is safe. If you're company uses the cloud to store data or conduct email, if you use iCloud on your Apple device, if you do banking online, if you sell things online, or simply use your credit card at a fast food restaurant - you and possibly your company are inherently at risk for cyber attack. There is simply too many people around the world constantly trying to gain access to personal and financial data and too much data to be stolen. BUT THERE ARE THINGS YOU CAN DO! (The Silver Lining).
If you're a business, consult with digital security experts - find out what you're currently doing and what you could be doing to mitigate your risks. The cost of increasing the digital security in your personal life or at your company will pale in comparison to the cost of damage control after a data breach happens. Preventative measures are cost effective - don't believe me? Ask Wendy's - who now has to pay for identity theft protection for thousands (possibly millions...) of customers that simply bought chicken nuggets and fries using their credit cards. Ouch.
Thank you!
Thanks for reading this article about digital security from the Digital 1 blog! To help secure your CMS click below and take the first step towards increased web security!
