​The latest retail chain to be hit by digital hacks is UPS. The shipping store discovered malware in the computer systems of 51 US stores in 24 states. It is now speculated that customer credit and debit card information may have been leaked. The shipping carrier mentioned that the breach affected about 1 percent of all UPS Stores. The malware could have stolen client information including names, postal addresses, email addresses, and credit and debit card data.

In the digital era of online shopping, such thefts have become common despite organizations having dedicated IT security departments of their own. Such hacks tap sensitive information and misuse it. With the increased patronage that online shopping enjoys, cyber criminalist activities have also surged. And it’s not good for business when word gets around that you lost customer information.

What really happened?

‘Backoff’ malware is suspected to be the technology used in the UPS hack, works by extracting unencrypted data from the RAM of computers used in debit or credit card readers. Cyber criminals use remote access tools like LogMeIn and Microsoft Remote Desktop to gain access to devices. The idea of shared passwords across multiple retail locations means that hackers can access customer data in several states. So, a hack in one store results in a hack in the rest of the stores as well.

As an organization, what can you do to prevent such digital hacks?

- Beef up security amidst your employees’ computer usage. During the normal course of internet usage, you run the risk of unintentionally clicking on ‘poisoned’ search results that could lead you to malware instead of your intended destination. These poisoned search results are strategically placed by cyber criminals. To manage this, use tools specifically designed to filter such malicious websites.

- When you accept credit card payments, adopt the chip-and-PIN technology, which is common in the rest of the word. After the retail giant Target fell prey to a hack, it lost 110 million credit card numbers. Then, the company began to implement more secure chip-and-PIN technology in an attempt to safeguard company data.

- Have an awareness program on security with all your staff members. Educate them on security breaches and digital hacks. Employee awareness seminars can help prevent basic attacks. Employees often make simple mistakes like clicking on a foreign attachment or a link with a strange URL- these are the most frequent kinds of hacks there are. Such a small mistake can cost the company hugely.

Once inside the system, hackers can collect any information, account numbers, birthdays, email addresses, and use them to launch complicated attacks. Even something as simple as your mother’s maiden name can be important information in a hacker’s hands.

The bitter truth is that there’s no way to secure everything, of course, but organizations can prevent low-level hacks by taking a few simple steps. With online shopping becoming the de facto choice in many places and industries, it is becoming tougher to secure information.

Image courtesy: http://claytondigitalcitizenship.weebly.com/