Securing Data

Recent headlines have included the security breach of Citibank's network of ATMs inside 7-Eleven Stores, where hackers managed to steal customer PINs – the most guarded part of a banking record. Based on initial gatherings it would seem that the PINs aren’t being encrypted properly while in transit between the ATM and the computers processing the transactions.

Investigators are still determining the number of customers impacted as well as how the hackers infiltrated the system – all that is known is they hacked into the ATM network through a server at a third-party processor, meaning direct contact with the ATMs wasn’t necessary. The approach is noteworthy, because historically there would be physical evidence of the tampering either at the machine or through the sending of phishing emails.

This breech is a warning to everyone, on a corporate level data security is paramount – every portion of the consumer’s profile is valuable to a would-be hacker or identity-thief. This is also an indicator that customer education is a valuable service, if your recipients know your communiqués; they are more likely to spot a phishing message and can be the first to alert you. Additional best practices would be to supply tips on avoiding common mistakes and to create a repository to research past emails/ alerts so that if a recipient is in question of the message they can quickly determine authenticity.

On a personal level, use your credit/ debit card wisely, monitor transactions and change your PIN periodically. As a recipient, pay attention to communications sent by your bank or credit card company – by knowing how notices are sent (email, SMS or print mail), their format and typical content/ voice you are in a better position to detect a phishing email or fraudulent claim.