Saks Fifth Avenue and Lord & Taylor are adding their names to the growing list of major businesses that have been cyber attacked. Many of these retailers have had their PoS systems breached, resulting in the potential compromise of information for millions of debit and credit cards.
Details about the Attack
One distinctive feature of the Saks and Lord & Taylor breach was that it was not only a PoS breach. Instead, the hackers took over the network to gain access to the confidential financial information. In these types of attacks on major retailers, hackers gain access to the network when privileged accounts are compromised. Traditionally, these cyber thieves gain access through phishing attacks, steal privileged information and elevate their privileges while gaining access to information through the network. The end goal for many of these thieves is the PoS system where the thief can steal information from debit and credit cards.
How to Prevent PoS Breaches
Retailers do not have to stand idly by until they become the newest victims of these PoS attacks. Some ways to reduce the likelihood of falling victim to a cyber attack include:
- Use EMV or Chip-and-Pin Technology – The latest chip-enabled cards prevent privileged information about payment cards from being exposed. Replacing outdated magnetic strip readers with newer chip-enabled technology can protect cyber attackers from gaining access to his information.
- Close Security Gaps – Attackers often gain access to PoS systems through employee’s compromised information. Retail networks should be secure and separate from the rest of the network. Additionally, retailers can automate the vault and protect and monitor credentials to prevent these cyber attacks.
- Require Multi-factor Authentication – Implement multi-factor authentication on privileged accounts to provide greater security measures.
Contact an IT Specialist
If you are concerned that your business may be vulnerable to attack, it is important to talk to a qualified IT specialist. We can review your business’ security measures and assess your level of risk. We can recommend and implement best practices to provide greater security to your network. To schedule a professional consultation, contact us.