Credit Card Thieves Targeting Gas Pumps
April 14, 2020Should I Replace My POS System?
April 28, 2020For criminals small bits of your information is valuable. Anything from your name, your address and your phone number can help a thief commit identity theft. In some cases we give much of this willingly on social media and we depend on those companies to protect our information through encryption and tokenization. One of those companies, Facebook, has been under a lot of fire for a lot of reasons and one of those reasons is that they did not secure the information of 267 million users in December.
Facebook Data Exposed
In December the list of the users information compromised was found on hacker websites and available to be downloaded. It included Facebook user IDs, phone numbers and the name of 267 million users. That is a lot of people and a majority of the information exposed was that of American users.
What Can A Thief Use This Information For?
That information can be used to create fake identities which can be used to open merchant accounts or get a credit card in that person’s name. Other information will be needed to create those accounts but that information may already be in hand or it can be fabricated. Think about how much information is publicly available already on social media. It can include where you went to school, where you work, your marital status and much more.
At the same time it is possible to do much more thanks to that data. Emails can be crafted to try something like a phishing attack or to create fake social media accounts to harvest more information or trick people into giving money. If you are on Facebook you have probably encountered something like this at least once. Most people are smart enough to avoid this but not everyone is.
PCI Compliance Is Needed For A Reason
Now of course your business is not the size and scope of Facebook but you have a lot of your customer’s information in your systems. That needs to be protected and that is why PCI Compliance exists. Encryption and tokenization are just the beginning and by working with a reputable payment processor you can make your data as secure as possible.
Also remember that PCI Compliance is a year-round effort. Testing may only be once a year but maintaining compliance is something that needs to be done all 365 days (or 366 like we have here in 2020). All data breaches have one thing in common and that is that the victim was outside of PCI Compliance when the breach happened.
Facebook has been under a lot of fire recently and this did not help them. It may have gone under the radar with the presidential campaigns (and the other major story) in full swing but that is no excuse for not securing customer data. Don’t be like Facebook, secure your customer’s data!