Counselor Commentary: Target Data Breach Lessons

Minnesota-Based Company Under Enormous Scrutiny

Dave VagnoniDuring the Christmas season, there are always many things to be thankful for. This year, retailers are especially thankful about one thing – that they’re not Target. After suffering the second largest data breach in U.S. history, the Minnesota-based company has come under enormous scrutiny, and deservedly so. The breach is as serious as it gets – as many as 40 million customer debit and credit cards were compromised beginning on Black Friday. The latest news could be the most concerning yet, as it appears hackers may have stolen encrypted PIN numbers as well.

The whole mess might lead you to believe that cybercriminals are only interested in the big score. The reality, though, is that smaller companies are more susceptible and more often targeted by hackers. A recent Ponemon Institute survey found that 55% of small businesses ($10 million or less in annual sales) have had a data breach and 53% of those companies have had multiple breaches. What happened to Target should be a reminder to every business – ad specialty industry companies included – that data protection is an important part of good customer service.

How can you ensure your firm’s data is safe? Security consultants admit there’s no foolproof way, but there are a few steps you can take to greatly reduce the chances you’ll be victimized. Encryption is a critical part of any good protection plan, along with firewalls, updated anti-virus software and frequent employee training on the subject. For a more detailed list of suggestions, click here to read a Counselor Q&A that focuses on data security.

Besides taking preventive measures, there’s also great value in preparing a response for business missteps – whether it be a data breach or a key order that didn’t turn out right. To its credit, Target released a series of statements and contacted customers – many of whom were likely not affected – to explain how the company was trying resolve the issue. In a PR counteroffensive, Target offered customers 10% off most items last weekend and promised to provide free credit monitoring for one year to those whose information was stolen.

It’s a good start, but the retailer has a lot to do before its reputation is repaired. Before the breach, YouGov’s Brand Index, which measures perception among consumers, scored Target at 26 on its scale, which ranges from -100 to 100. After the breach, Target’s number dropped to -29.2. Sure, it’s a reaction to the constant media coverage and Target, like TJ Maxx and Marshalls did after a breach several years ago, will recover. But your company isn’t Target – which is exactly why data security should matter so much to you.