U.S. Retailers Face Increased Holiday Hacking Threats

Computer Password
Source: Thinkstock
About one-third of all data breaches in the retail sector are traceable to a third-party vendor. That’s what happened earlier this year when The Home Depot Inc. (NYSE: HD) were hit with a hacking attack that compromised millions customers records. Retailers share data with their suppliers all the time, and it’s that long supply chain that makes these attacks difficult to stop.

According to online security firm BitSight Technologies, security performance has dropped by an average of 90 points at 58% of the retailers it has analyzed since November 2013. BitSight’s ratings scale ranges from 250 (poor) to 900. A 10% drop in performance does not bode well for this year’s shopping season. Security performance at 34% of retailers improved and performance remained flat at the rest.

Among 20 large retailers which suffered a major data breach in the past year, security performance has increased by an average of 50 points at 75% of the companies since the breach occurred.

Malware distribution increased by 200% in the 12-month survey period and botnet infections rose 29%. Other not-particularly-good news is that average response times to attacks on retailers’ networks increased by about 5%. Better news is that spam propagation fell by 12%.

The latest report from the Identity Theft Resource Center (ITRC) reveals that there has been a record total of 696 data breaches recorded through November 25, 2014, and nearly 81.5 million records have been exposed. The previous annual record high was set at 662 in 2010, and this year’s total to date is about 26% higher year-over-year.

The total number of data breaches increased by 17 in the week and the medical/healthcare sector continues to post the largest percentage of the total breaches, 42.7% (297) out of the total of 696. The number of records exposed in these breaches totaled 7.87 million.

On the basis of the number of records exposed, the business sector accounts for 64.7 million breached records in 223 incidents.

The number of banking/credit/financial breaches remained flat at 41 for the year-to-date, and involved 1.18 million records, some 5.9% of the total and 1.5% of the number of records exposed.

Since 2005 there have been 4,942 data breaches tabulated involving more than 673.5 million exposed records.

ALSO READ: Online Sales Rise 12 % on Thanksgiving Day