Weekly Wrap Up | Sept, 5 2014
This week's wrap up will provide key details of a possible The Home Depot breach and an update to the Chase Bank data breach.
The Home Depot
Key Details
-No official confirmation to a data breach -The Home Depot hired Symantec Corp. and Fishnet Security to investigate -The Home Depot is fast tracking deployment of Chip-and-PIN cards to be complete by the end of 2014 -Customers will not be liable for fraudulent charges -If breach is confirmed Home Depot will offer free identity protection services to affected customers
Lessons Learned
This is a prime example of how a data breach should be addressed. The Home Depot has done (so far) a phenomenal job in keeping the public and more importantly its customers informed, even though they haven't actually confirmed a breach yet. It also goes to show that the infamous Target breach isn't the last of its kind either. Along that note, companies like Target and more recently Home Depot have many more resources to work with in preventing these kinds of things from happening so what is the small business owner supposed to do to protect themselves? This should further solidify that nobody is immune to breaches and everybody needs to take proper steps to make sure they don't become the next victim.
News Stories
- Customer update on payment breach
- Home Depot working 'around the clock' to find data breach CEO says
- What It Means For Home Depot If Data Breach Is Larger Than Target's
Chase Bank
Key Details
-Unlike the Home Depot breach this breach is confirmed -Discovered weeks ago, but investigators are unsure if the hackers have been removed from the network -Attackers entered through a vulnerable Linux server -Possibly same attackers as the Home Depot and infamous Target breach -Attacks may have from Russian soil
Lessons Learned
Some people may think that even with all their resources a major bank was still breached, so why should I even bother to protect my assets. That question simply boils down to what would you do if a catastrophic breach occurred? Chances are if you don't take any steps to prevent and mitigate an attack one will happen and you will not survive. There are so many simple steps that pretty much any company can take to help prevent attacks on their systems. Most of them involve educating employees, which can be much easier than one might think.