Data theft has exploded in 2008 as the total number of records compromised stands over 285 million for 90 confirmed breaches – exceeding the four preceding years combined.

This is a trend that is continuing...according to a recent report from the Identity Theft Resource Center® (ITRC), a nonprofit which supports and educates consumers on identity theft.

Breaches in 2009 already amount to over 1.5 million records compromised with more unreported cases on the horizon according to the ITRC’s report. Those figures don’t yet include the big name breaches in the news like Heartland Payment Systems and RBS Bank, both who were hit hard by large breaches involving potentially millions of records being compromised. Although large company breaches are making news lately, Visa® has stated on its website that a majority of data breaches are actually from small and medium sized businesses.


“Often we find there’s a ‘hear no evil, see no evil’ mentality.” explains Dustin Niglio President of Payment Logistics Limited, a data security and credit processing company headquartered in San Diego, CA, “This happens because small business owners don’t see their peers in the news which leads to a lack of data security preparation under the assumption ‘I’m too small to matter’ – unfortunately this makes these businesses easy targets for data thieves.”

The Payment Card Industry’s Data Security Council, an association comprised of security experts from major card brands including Visa®, MasterCard®, Discover® and American Express® have assembled a set of 12 guidelines known as Payment Card Industry Data Security Standard (PCI-DSS). The standards are meant to help businesses strengthen their security systems. Compliance with PCI-DSS is mandatory for all businesses accepting credit or debit cards however this can prove a daunting task for business owners.  

Editor's Note:  HomeATM has the solution for Internet Retailers.  It's simple.  This from TechDirt:  

"The most effective way to get rid of Card Not Present fraud is to make
the Card Present. In the brick and mortar world the customer goes to
the store and swipes their card (and enters their PIN) into a Point of
Sale device at the store...hence card present. In the "virtual" world,
since the customer can't go to the store to swipe their card and enter
their PIN into a POS device, they need to have their own "personal" POS
Device. HomeATM designed and currently manufactures the "first and
only" PCI 2.0 Certified PIN Entry Device designed exclusively for e
Commerce. ($15)
Data leaking is also solved as it 3DES Encrypts the data inside the box
and the data is NEVER in the clear. It is sent encrypted and is not
decrypted until it reaches its destination (which has a unique key to
unlock each transaction) With fraud at an all time high, and growing
higher still, this is the only way to secure financial transactions on
the Internet. To read more about Payments Security, feel free to visit
the PIN Payments News Blog at http://PINDebit.blogspot.com

Continue Reading 2008 Breaches Surpass Previous 4 Years Combined

Posted by John B. Frank Monday, May 18, 2009

0 comments

Payments Industry News Blog

Search the PIN Debit Blog by Subject

Kapersky Calls for Mass Adoption of Card Readers

Kapersky Calls for Mass Adoption of Card Readers