10 Nov 2021
It’s not your imagination—the number of significant data breaches and cyberattacks is on the rise. Among the latest prominent victims is Dallas-based retailer Neiman Marcus, who recently notified 4.6 million customers that information associated with their online accounts may have been accessed by an unauthorized third party in May 2020. [i]
In addition to notifying customers, the company has alerted law enforcement and is working with a cybersecurity firm to investigate the situation. Information compromised in the attack included customers’ names, contact information, payment card numbers and expiration dates, virtual gift card numbers, usernames, passwords, and security questions and answers associated with Neiman Marcus accounts.
According to the company, of the approximately $3.1 million payment and virtual gift cards affected, 85% were expired or invalid, and they claim to have no evidence that information obtained has been sold on the dark web. Neiman Marcus has also stated that it has no reason to believe that its subsidiaries, Bergdorf Goodman and Horchow, were affected.
Neiman Marcus has also advised their customers to:
- Change their account password as soon as possible, especially if they haven’t changed it since May 2020
- Report any unauthorized activity on their accounts, and
- Monitor their credit reports for fraud.
Big Companies, Big Targets
Neiman Marcus is far from being the only major business making headlines for being the victim of a successful cyberattack this year. Among the household names that have been affected in 2021 are:
While some of these attacks have had more serious consequences than others—like the Coinbase phishing scheme, where hackers successfully stole funds from 6,000 customers, [ii] and the T-Mobile breach, whose customers had both Social Security numbers and driver’s license information stolen [iii]—they all resulted in negative publicity and a steep decline in customer trust.
Well-known companies make obviously attractive targets for bad actors, but it isn’t safe for smaller organizations to assume they’re flying under the radar. Hackers also target small- to medium-sized companies because they’re less likely to have the sophisticated defenses and resources that a giant corporation can deploy, making it much easier for them to lock up your systems with a ransomware attack or pilfer sensitive information to be sold on the dark web.
Unfortunately, smaller companies lacking national name recognition are also much less likely to recover from the reputational and financial damage a devastating security breach can cause. Attacks that expose sensitive customer information also leave companies open to potential legal liability for failing to maintain reasonable cybersecurity safeguards.
While this may sound scary, and a bit overwhelming, the good news is that you don’t have to just sit, wait, and pray that you won’t be the victim of an attack; on the contrary, proactive measures, such as an exhaustive security review, will help you identify problems before hackers even get the chance to take advantage of you.
The Best Time for a Security Risk Assessment
You can’t hop in a time machine and have Petronella Technology Group (PTG) perform an expert audit on your network yesterday – or AFTER you have experienced a catastrophic breach—but you can contact us today to schedule one. A thorough security risk assessment can identify weaknesses in your system and give you the opportunity to remediate them before hackers have the opportunity to find and exploit them.
Our trained security professionals will conduct a deep review of your network and deliver a comprehensive security report detailing our findings and recommendations. We’ll identify your assets, potential threats, and vulnerabilities. Further, we’ll assess the possible impact of a cyberattack and the likelihood of one successfully exploiting identified weaknesses in your system. Our analysis will include recommended actions to remediate problems and strengthen your security controls to avert hacks, ransomware attacks, and other crimes before they occur.
How Prepared Are You?
If you’re not sure if your company has the proper security controls in place to keep your sensitive data safe, then you probably don’t. The risk of your business becoming the victim of a cataclysmic cyber attack increases every day; the time to act is now.
PTG has the expertise to pinpoint and remediate vulnerabilities in your systems before the worst occurs. Contact us to schedule a free consultation by clicking here or calling us at 919-646-3780.