Hackers want more than payment card data

by. Nicole Reyes

Data thieves love to get their hands on payment card information. However, as an emerging trend reveals, payment card data may no longer be the only thing they’re after.

According to a new report from security firm Trustwave, there has been a 33-percent increase in theft of non-card financial credentials, personal communications and personally identifiable information (PII), such as social security numbers.  In all, 45 percent of thefts in 2013 involved non-payment data.

The findings were based on an analysis of nearly 700 data breach investigations conducted in 2013 along with “threat intelligence from Trustwave’s global security operations.” Weak passwords were often to blame for compromises, and 85 percent of the exploits detected involved third-party plug-ins like Java and Adobe programs.  Another interesting finding from the report is the top three countries for hosting malware: the U.S. came in first at 42 percent, followed by Russia at 13 percent and Germany at 9percent.

Studies like this underscore the importance of providing protection for the entirety of a consumer’s personal information. While recent attacks on payment card data make it tempting to focus in on banking and payment credentials, it’s important to not limit consumer education to only these areas.

Here are a few tips to share with consumers as you work to make them aware of emerging vulnerabilities in our connected society:

continue reading »