An account data compromise is when cardholder information has been obtained by an unauthorised person who intends to commit fraud. The opportunity can occur when businesses or designated third parties store cardholder data incorrectly in an unencrypted format. Common ways that fraud can occur includes theft from the premises of a business, physically or electronically, as well as if a business’s or a third parties network has been hacked and data stolen. Added to this, organised criminals have been known to target smaller businesses and third parties in order to steal cardholder data.
What are the consequences?
If cardholder data falls into the wrong hands businesses can expect numerous negative repercussions such as a fraud costs, legal costs, fines or penalties levied, damage to the reputation of the brand and losses in sales. It can even lead to going out of business. Unfortunately the majority of comprises occur to smaller businesses, with tighter margins and limited resources it can be hard to combat these breaches. In the following video ‘Dealing with an account data compromise’ we look at steps that business can take if an account data compromise happens and offer clear advice.
If you are a merchant that requires technical or PCI DSS help, please click here
To help your business be prepared and to have a plan, we’ve provided a downloaded able Security Incident Response Plan Template. This template can assist your business to be ready if a data breach occurs. Want to know more about data breaches and how to be prepared? Then you may be interested in reading: