Breaches spotlight data security

Share this article:

Data breaches continue to vex marketers. Three men were indicted this month for stealing more than 130 million credit and debit card numbers, according to the US Department of Justice. The breach was discovered in January and is the largest hacking and identity theft case ever prosecuted by the Justice Department.

The information was hacked from five corporate entities: Heartland Payment Systems, 7-Eleven Inc. and Hannaford Brothers Co., and two unidentified corporations. The two-count indictment alleges that Albert Gonzalez of Miami and two unnamed co-conspirators orchestrated the attacks.

Gonzalez is a repeat offender. He was previously indicted in May 2008 and again in August 2008 for his involvement in data breaches of companies such as TJX Companies, Dave & Busters and OfficeMax.

This recent arrest is the latest in a long line of these incidents, and the danger is that consumers, wary of divulging personal information, could reach a breaking point. According to Forrester Research, consumers' perception of online security continues to color their behavior online. Security concerns are the number two reason consumers cite for not transacting online. This reflects a broader unease about e-commerce security, and it plays a role in keeping some consumers from migrating online for activities such as online banking.

"The biggest challenge to a marketer is, with the amount of fraud, any transaction online is at risk," said Jeff Jurick, VP-compliance and critical communications at agency Direct Group. "E-commerce companies have to be diligent in the protection of their customers' data and they have to communicate and deliver confidence to consumers that their data is safe." Jurick added the direct marketing industry needs to "make a better effort with consumers on best practices."

That is easier said than done. With the trust gap widening, alleviating consumer concerns has become more complicated for marketers. Marketers need to build security into their networks, Web sites and point-of-sale environments, in addition to developing processes for customer data usage.

"Good custodianship is no longer a matter of what processes you have in place or how you use the data," said Jonathan Penn, an analyst at Forrester Research. "It's also about what security you have around the data."

Kristen Mathews, partner, Privacy and Data Security Practice Group at Proskauer rose LLP, said once a breach does happen, what matters most is having a plan. "You need to be upfront and honest about what happened," she said. Companies also need a remedy. "It's common to offer reimbursement for credit monitoring services depending on the data compromised."

Mathews said a checklist of things to do once the breach occurs includes coordinating with law enforcement, identifying the nature and scope of the problem, containing the incident, and deciding about external communications, including whether to notify the media. Penn has developed a series of recommendations for marketers to manage concerns and improve consumer trust. (see below). l

Share this article:

Next Article in Database Marketing

Sign up to our newsletters

Follow us on Twitter @dmnews

Latest Jobs:

Featured Listings

More in Database Marketing

What's H-appending? DiscoverOrg Taps Marketo's Webhooks

What's H-appending? DiscoverOrg Taps Marketo's Webhooks

Cloud-based marketing automation behemoth Marketo joins forces with marketing intelligence company DiscoverOrg to improve its data collection capabilities.

A Toast to Marketing Attribution

A Toast to Marketing Attribution

Vino accessories and storage company Wine Enthusiast indentifies top and underperforming affiliates using algorithmic marketing attribution.

Q&A: When (and How) to Bust Down the Data Door

Q&A: When (and How) to Bust Down the ...

Some people run into issues with trying to build the perfect solution when often an 80% solution will do, says MailChimp's chief data scientist.