Target reimburses $39 million to MasterCard Inc.

On Dec 2, 2015,  Target Corporation in the US announced it had agreed to reimburse MasterCard Inc. and other U.S. financial institutions a total of about $39 million to settle claims brought against the retailer in connection with its massive 2013 data breach.

This settlement comes on the heels of a $67 million agreement Target struck in August with Visa Inc. on behalf of banks and other firms that issue credit and debit cards.  Combined Visa and Master Card implications at Target are around $ 106 M.  While the final numbers will likely be buried somewhere in an annual report a year or two down the road,   total Target loss estimates vary widely. We can all agree however that you have to sell a lot of bread to recover this kind of bread.

Target’s data breach exposed 40 million credit and debit cards to fraud during the 2013 holiday season. The Minneapolis-based company’s breach ranks among the most high-profile data incidents to hit retailers in recent years.

Other costly breaches at other well-known merchants include Home Depot Inc.,   luxury retailer Neiman Marcus Group, and  P.F. Chang’s China Bistro chain.  Dollar figures from the web are not terribly accurate as civil suits continue to wend their way through the US courts.  Liability and class actions suits can take years to finalize.

Our earlier posts on Cybersecurity generated many positive responses and asked that we provide some sort of mechanism for our readers to measure what they are facing.  We all certainly are not Target Stores with annual sales of $ 72.6B USD. So how does the Small to Medium sized business get a handle on the cost of a data breach?  Jolera has found the Ponemon Institute’s Canadian Data Breach  Study May 2015  most informative.  This report was sponsored by IBM but produced independently by the Ponemon Institute.   Verizon’s  2015 Data Breach Report  contains much useful information as well.

We can distill much of the information and there are many inexpensive fixes you can do tomorrow to shore up your defenses.

40% of the Solution is Not Rocket Science 

Some of the suggestions are things your sensible mother would have mentioned had you asked the question.  Lock the machine when you leave your workstation, make sure no one is looking over your shoulder, use passwords whenever feasible to protect data.  The Ponemon Institute has categorized some security measures which are easily managed and can have a significant impact on your security posture.   Admittedly some of the solutions require a discipline and internal surveillance which may impose a “cost” however there are relatively inexpensive quick wins which will you get some distance down the road.

 

40% of the solutions fall into the quick fix category, they are no-brainers.

So now you are probably doing some mental gymnastics weighing the cost of implementing and monitoring some of these solutions at your place.  The IBM has a blunt tool to help you estimate the cost of a major data breach at your business.  The numbers can be scary and, of course, there is always the hurdle of getting the C-Suite on-side when dealing with intangibles.

Let me suggest a possibility.  Get the Jolera team to lend a hand.  We have over 100 high-tech minds,  and 10,000s of hours of practical hands-on experience to place at your disposition.  Together we can be formidable.  No matter how complex your IT questions we can help you take decisive action and achieve those “elusive” results.