It’s October and you know what that means: Millions of consumers nationwide will be making a trek to their local retailers to purchase costumes, decorations, and Halloween treats. But unbeknownst to consumers and retailers, everyone could be in for quite a headache (unfortunately this one won’t be sugar induced).
With the casual swipe of a credit card, consumers instantly grant a retailer access to their private personal and financial information. The retailer processes the information, the consumer’s account is debited, and Susie gets her Elsa princess costume. All is well. Yet, imagine this: Thousands of miles away, a sophisticated hacker has gained access to the retailer’s computer network through one of the retailer’s low-level contractors.
One remote link between the retailer’s computer system and the contractor’s system—for something as seemingly innocuous as electronic billing—grants a hacker unfettered access to credit and debit card information, names, email addresses, mailing addresses, and phone numbers for 110 million consumers.
With $148 million in uninsured breach-related costs, lost profits, and irreparable loss to reputation, some retailers and their vendors know exactly how scary a data breach can be and the importance of strategizing risk transfer for cyber risk.
Companies in every industry need to carefully evaluate their relevant exposure and take proactive steps to maximize insurance availability.