Two data breaches disclosed this year for an online retailer of specialized goods.
Website currently uses Magento, but there’s no information about either breach originating from the website. I’m sharing the information I have. Still, online retailer, so I’ll call it “likely.”
The most recent breach was discovered in late February, and review concluded in mid May, so almost 3 months. Someone accessed credit and debit card information. Maybe. Typical PII and credit/debit card info.
PII = Personal Identifiable Information. Keys to that person’s unique identity.
I researched the earlier breach for the same organiation, too. Mid July. Same scenario – credential theft. Lots of time in research. Some noted dwell time.
When an organization suffers the same cybersecurity breach type twice in quick succession, there may be several factors in play. Weigh in on what I’m missing or have completely projected as wrong?
🔎The issue’s systemic, and those take time and culture shift to remediate.
🔎Expense of the earlier data breach is causing financial distress, and fixing vulnerabilities as a priority is therefore much more difficult.
🔎The company is seen as an easy target because of the visibility of the earlier breach, and so other cybercriminals are seeing if they can get in. They broke through the same or a different vulnerability.
🔎All online retailers are targets because many accept credit cards.
Many more, I’m sure.
We want to be able to shop online and consider our purchases safe. Using a credit card (instead of a debit card) is a safer choice because of the protections built in regarding 💳credit card fraud.
When I write these, I don’t want to use their names. A little bit of OSINT (Open Source Intelligence – Googling to most of us) can probably discover the identity of the company.
The identity doesn’t change the story. Unless it’s yours, and your PII is exposed.
That changes the story.