Caribou Coffee Stores Hacked for months… but what about your business? — Psinergy LLC
X
Menu

Caribou Coffee Stores Hacked for months… but what about your business?

For businesses today, taking credit cards and storing information on a computer is a normal practice, though is data security? In today’s world, it isn’t “whether you will be hacked”, it’s more a matter of “when will you be hacked”. We’ve seen a number of companies hacked over the last few years and their client data compromised. The most recent larger company is Caribou Coffee.

According to the Data Security Notice they published on December 3, 2018 (17-days before alerting the media), 265 Caribou Coffee shops around the nation were actively being hacked from August 28, 2018 through December 3, 2018  with their customer’s credit card information being stolen right from their Point of Sales terminals! This issue was first detected on their network on November 28th, but wasn’t stopped for 5-days after… and 97-days after the first signs of the hack! The sad part is… this isn’t abnormal.

 

Small Business Owner thinking about thingsCompanies of all sizes need to be mindful of this

Companies of all sizes are at risk of being hacked and exposing their customer’s private data, from 1-person sole proprietors to companies with thousands of employees and a dedicated security department. It is not a matter of “if you will be unlucky enough to be hacked”, but “when will you be hacked and how can you slow them down”. As an example, our company on any given day has seen, on a slow day… 1 or 2 hacking attempts, to literally hundreds of hacking attempts on a particularly busy day… and we’re a very small local business. Luckily, we are very mindful of digital security. Hackers will not stop… because the information to them is valuable, and to be honest, it’s surprising that we don’t hear about more companies being compromised.

 

 

Common Misconceptions

  • But I don’t store credit card data on my computer, I type it into my online processor:
    There are things called screen recorders, keyloggers, and the like that easily bypass any security you think you have with not actually storing this data on your system(s).
  • But I don’t store customer data on my computer, everything goes into XYZ online drive:
    Again, there are things called screen recorders, keyloggers, trojans/remoStop your hurting my headte control software that makes any security that your online data storage provider completely moot.
  • I’m too small for them to care about:
    We’re a 2-person shop, and as we have already stated, we see between 1 to hundreds of hacking attempts a day on our internal network (that’s not even including our websites). Think about it this way — they can be attacking multiple “places” at the same time, they have no clue how big or small you are, and honestly, a smaller business or consumer is a better target for them because you’ve likely implemented fewer security measures for them to have to jump through and a lot less likely to be caught or stopped.
  • I don’t save any personal data on my computer:
    You’ve never logged into your email? The amount of personal data just included in your email, for most, is astounding and most don’t realize how much their email contains. Additionally, many sites send a password reset link to your email. They can also use you as a stepping stone to everyone you know and love.
  • I have bad credit/don’t have any money, so it won’t do them any good:
    You could have worse credit or less money. They can also file fraudulent tax forms on your behalf. One way to think about this also… do you have the time to deal with the hassle of your life being turned more upside down and more drama?

 

Ways Businesses can slow their chances of being hacked and compromised

Locked chains around keyboardSome people might think “Well… if a large company can’t protect themselves… why would I even bother trying?”. My response to that is “Well… part of the unwritten social contract of you being in business is that you will do your best to protect your clients and customers data that they have given you. It doesn’t matter if you are a healthcare company governed under HIPAA, or a hobby business making candles and jewelry. You need to do your part and not be grossly negligent with their information.”

  1. You must have a good, active, up-to-date anti-virus system on your computers — Windows, MacOS, Linux, phones, and other digital devices. There is not a system today that is immune to viruses and malware.
  2. Make sure you have an active firewall.
  3. Make sure you have all your system updates installed! (You’d be surprised at how many people we’ve seen that don’t… including businesses). If you suck at applying updates to your computer — pay a company to do it for you. (just make sure they are reputable, have good employment practices, and someone you can trust with everything… because they will have open access to your system).
  4. Don’t just willy-nilly be installing different programs and apps (i.e. games, tutorials, etc) on your computers or phones. Research first: is this a good, reputable program and company that made this? You thought “fake news” was bad… bad programs/apps are worse.
  5. Make sure you are applying updates to your devices in a timely fashion. This goes for ALL devices. Keep in mind, phones are the most notorious for crappy security, and security updates have been known to be delayed months (that is if you ever even get that update from your provider).
  6. Your business and home networks should have a network security appliance. Your run-of-the-mill, ever day router will not cut it anymore. Some nice, affordable ones for home users and businesses are ones like the Bitdefender Box 2 ($179-$250), the Unifi Security Gateway ($99-$140), the Netgear AC2300/N7000P with Netgear Armor ($160-$200). There are other options as well, some are less expensive, some are more expensive. Some have more features, some have less. For our business, we employ multiple different practices, not just one. Reminder: you will need to login to these devices (in most cases) to check for updates, etc! Next — these devices (modem, router, etc) should be in a locked cabinet, room, etc with limited access.
  7. Take your computer into a professional at least once or twice a year to be inspected. We offer this as our “Tune-Up service” but it’s way more than just speeding up your computer.
  8. Never ever let someone you do not know and trust touch or remotely access your computer or device. Some hacks take less than 5-seconds to implement when having direct access to a device.
  9. Regularly scheduling security scan(s) of your device(s). For personal devices, it depends on how often you use that device. For businesses, scans should be done at least daily, if not more.
  10. Do not let employees “Bring-their-own-Device”. This is a horrific practice all in the name of saving money, and you’re just asking to be hacked. On that note, if at all possible (this can be very tough for a small business, and possibly impractical), separate personal and business. If possible, have separate personal and business devices (including phone), and email. Only do personal stuff on personal devices, and only business stuff on the business devices. Additionally, have different passwords.
  11. If it is a mobile device, it should be encrypted.

 

Realize, this is not an all-inclusive list, and this is an ever-changing field of engagement. This is only to help give you a stepping stone to give you some concept of how to protect yourself and customers.

 

 


 

The post Caribou Coffee Stores Hacked for months… but what about your business? appeared first on Psinergy Tech.

You Might Also Liked

Change your Facebook password now! Severe RCE Flaw Disclosed in Popular LibreOffice and OpenOffice Software — The Hacker News UPnP has been a security risk for years, but now it’s WORSE! Avast had a glitch! – “DNS server isn’t responding” Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer — The Hacker News Tips for Success with Build 1803 Keeping your Computer Healthy during the Holidays New Airborn Virus on Multiple Computer Platforms

Upcoming Events

Jun
10
Mon
all-day Jupiter at Opposition
Jupiter at Opposition
Jun 10 all-day
The giant planet will be at its closest approach to Earth and its face will be fully illuminated by the Sun. It will be brighter than any other time of the year and will be visible all night long. This is the best time to view and photograph Jupiter and[...]
Jun
12
Wed
6:00 pm Signals of the Body & Activating... @ Psinergy Natural Health & Holistic Wellness
Signals of the Body & Activating... @ Psinergy Natural Health & Holistic Wellness
Jun 12 @ 6:00 pm – 9:00 pm
Signals of the Body & Activating Dreams for Healing @ Psinergy Natural Health & Holistic Wellness
Learn 21+ Holistic self-care therapies that use a combination of touch and a special blend of essential oils and light to clear blockages and help promote health and wellbeing in this 1/2 day workshop. Therapies include body zones to promote dreaming, release emotional polarities and promoting emotional balance and areas to[...]
Jun
21
Fri
10:54 am Summer Solstice
Summer Solstice
Jun 21 @ 10:54 am – 11:54 am
In the northern hemisphere, the longest day of the year when the Sun is farthest north. The summer solstice marks the first day of the season of summer. In the southern hemisphere, this is your winter solstice, marking the shortest day of the year. The declination of the Sun on[...]
Jul
2
Tue
10:00 am Total Solar Eclipse
Total Solar Eclipse
Jul 2 @ 10:00 am – 11:00 am
A total solar eclipse occurs when the moon completely blocks the Sun, revealing the Sun’s beautiful outer atmosphere known as the corona. The path of totality will only be visible in parts of the southern pacific Ocean, central Chile, and central Argentina. When it makes landfall, it’s going to zip[...]
Jul
9
Tue
all-day Mercury Retrograde Begins
Mercury Retrograde Begins
Jul 9 all-day
see http://cantonbecker.com/retrograde for details…Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens in new window)Click to share on Pocket (Opens in new window)Click[...]
all-day Saturn at Opposition
Saturn at Opposition
Jul 9 all-day
Saturn rules the summer sky, but on this night, the ringed planet truly takes center stage. When it reaches opposition (its closest approach to the Earth), Saturn will be bright and fully illuminated by the Sun. You may even notice that its rings look brighter than usual thanks to a[...]
Jul
13
Sat
10:00 am Colorpuncture for Me and My Family @ Psinergy Natural Health & Holistic Wellness
Colorpuncture for Me and My Family @ Psinergy Natural Health & Holistic Wellness
Jul 13 @ 10:00 am – 6:00 pm
Colorpuncture for Me and My Family @ Psinergy Natural Health & Holistic Wellness
An Apothecary of Light class These simple treatments from Esogetics Colorpuncture are designed for health maintenance and self-help with common complaints from a natural health viewpoint. The therapies learned in this module are for everybody, be it at home or on the road. We are offering this workshop for health-conscious[...]
Jul
28
Sun
all-day Delta Aquarids Meteor Shower
Delta Aquarids Meteor Shower
Jul 28 all-day
The Delta Aquarids is an average shower that can produce up to 20 meteors per hour at its peak. It is produced by debris left behind by comets Marsden and Kracht. The shower runs annually from July 12 to August 23. It peaks this year on the night of July[...]
Jul
31
Wed
all-day Mercury Retrograde Ends
Mercury Retrograde Ends
Jul 31 all-day
see http://cantonbecker.com/retrograde for details…Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens in new window)Click to share on Pocket (Opens in new window)Click[...]
Aug
10
Sat
10:00 am Intro to Esogetics Crystal Thera... @ Psinergy Natural Health & Holistic Wellness
Intro to Esogetics Crystal Thera... @ Psinergy Natural Health & Holistic Wellness
Aug 10 @ 10:00 am – 6:00 pm
Intro to Esogetics Crystal Therapies @ Psinergy Natural Health & Holistic Wellness
An Apothecary of Light class These simple treatments from Esogetics Crystal Therapies are designed for health maintenance and self-help with common complaints from a natural health viewpoint. The therapies learned in this module are for everybody, be it at home or on the road. We are offering this workshop for health-conscious[...]