The Home Depot data breach isn’t going away anytime soon. News continues to pour out about the theft of credit card info from Big Orange, and the tally currently sits at 65 million credit and debit cards compromised.
Several credit unions have sued Home Depot under claims that the retailer knew ahead of time that its systems were out of date and that hackers had access to the data for months before the breach came to light – claims that of course would need to be proven in court. Customers that suffered a loss are able to recoup their losses from Home Depot, and the retailer is offering a free year of credit monitoring to affected customers.
Although the breach doesn’t seem to have hurt Home Depot’s valuation and business the way it hurt Target – maybe because Home Depot deals more in necessities whereas Target deals more in frills – the lesson is resonating throughout North America. We certainly hear the chatter in the IT industry.
The big takeaway, and the advice we give clients, is to avoid potential liability exposure by upgrading any out-of-date systems or software. Note the accusation in the lawsuit I referenced above: That Home Depot knew it was using an out-of-date system.
The truth is that all systems are vulnerable to some degree. Passwords aren’t the ultimate protection. And we do trade risk for convenience whenever we use plastic to for online or in-store purchases. But companies that take every step to protect their data are much less exposed should a problem occur.
Sometimes system servers need a new round of hardening. Sometimes fix-packs or version upgrades are mandatory. Sometimes a vulnerable machine needs to be taken out. The first step is always to scope the current state of your security and compliance, then develop a plan from there. And keep in the mind that SMBs are the most vulnerable, because a single, successful liability lawsuit could signal the end of business.
TxMQ specializes in security and security upgrades (click here for our recent Webinar). Initial consultations are free and confidential. Contact vice president Miles Roty: (716) 636-0070 x228, [email protected].
(Photo by Scott Schiller under Creative Commons license.)