How to Determine Your Data Loss Risk Score & Protect Your Company From a Total Loss
If you’ve read any of our recent blogs, you know how vulnerable your data is to hackers and that by not having a protection plan in place, you are at...
2 min read
Valeo Networks : Feb 2, 2019 12:00:00 AM
If you shop with Discover, don’t be surprised if a replacement credit card arrives in the mail. The company is replacement cards after data breach compromised an undisclosed number of customer accounts, according to a recent filing with the State of California.
While the breach was initially detected in August 2018, news of the intrusion didn’t reach the general public until Bleeping Computer reported the filing of an incident notification with the state’s attorney general’s office January 28. California law requires the reporting of any data breach affecting more than 500 residents.
Discover Financial Services said the breach did not occur within its own systems. It is believed that the card information was either stolen by hackers from third-party merchants or that the data was discovered for sale on the black market after being stolen via skimmers or data-hijacking malware.
Along with issuing new cards to affected customers, Discover advised cardholders to watch for fraudulent activity on their accounts and assured them that they would not be held responsible for unauthorized charges.
The incident underscores recent regulatory changes on the international, federal and state levels designed to protect customer data.
“New legislation, such as the EU’s GDPR, the pending California Data Privacy Act coming into force in 2020, and the new national bill proposed by Marco Rubio, the American Data Dissemination Act, create a regulatory barrier only met by the end-to-end use of encryption within these financial systems,” CipherCloud chief strategy officer Anthony James recently told SC Media. “You must ensure that your data is encrypted in the database, in transit (e.g. middleware, API) and in use. Similarly, your business partners must be held to the new standards you require internally.”
Experts responding to news of the breach stressed that companies handling sensitive payment information must broaden their approach to data security to protect customers.
“It’s crucial to protect sensitive data over the entire data lifecycle – from the POS device to processing to backup,” Felix Rosbach, product manager with comforte AG, told SC Media. “Implementing data-centric security, which means at the earliest possible point and de-protecting it only when absolutely necessary, is the only way forward.”
Third-party breaches across multiple industries have come to light through recent filings with the California Attorney General’s office. In addition to the Discovery Financial Services, Verity Medical Foundation, Verity Health Systems and Allen Chern LLP made routine security incident filings in accordance with state law.
At Valeo Networks, we embrace the Center for Internet Security’s Top 20 Controls as a “Defense in Depth” philosophy for all customers. This approach can help your organization reduce and mitigate 80% to 90% of cyber risk exposure. Should your organization need a Cybersecurity Risk Assessment, contact us today.
If you’ve read any of our recent blogs, you know how vulnerable your data is to hackers and that by not having a protection plan in place, you are at...
1 min read
The California Consumer Privacy Act and the European Union’s General Data Protection Regulation Affect the Data Protection Policies and Procedures of...
Risk management is the process of identifying all possible risks to your business and building a plan to prevent or counteract them. This includes...
With cutting-edge technology and quality customer service,
you’ll find everything you need to help your company soar
with Valeo Networks.
1006 Pathfinder Way
Rockledge, FL 32955
Business Hours:
M-F: 8AM-9PM
© 2024 Copyright Valeo Networks. All Rights Reserved.