Big Waves for Data Breaches

by. Nicole Reyes

Counterfeit card fraud continues to rise. This is primarily due to the pressure stateside criminals may be feeling as they face down the country’s migration to the EMV standard.

This type of fraud begins with data breaches. Fraudsters must first get their hands the card account info before they can generate fake plastic. Fortunately, data breaches are becoming somewhat less complicated to predict, thanks in part to what my fraud-analyst colleagues and I have identified as “data-breach waves.”

Counterfeit artists and their hacker partners create these waves by sticking with one merchant type until the organizations inside that type batten down the hatches. Often, different stores in one retail chain will have the same point-of-sale (POS) terminals. So, fraudsters figure, if they can “crack the code” on one, they can crack them on all. This strategy generates double, sometimes quadruple, the amount of available data. Fraudsters, too, value efficiency.

A good example, as seen in the media lately, is the breaches hitting regional grocery store chains. Fraudsters targeted a few different grocery store chains across the nation to capture consumers’ credit and debit card information, and in some cases, even personal identification numbers (PINs).

continue reading »