Users of Acer’s online store between May 12th, 2015, and April 28th, 2016, may be in for a rude awakening. Acer may be attempting to contact you to relay that your credit card’s credentials have been lifted by hackers. The breach in question resulted in 34,500 customers having their credentials stolen, including the user’s name, address, credit card number, expiration date, and security code.
In other words, the breach revealed basically everything that a hacker would need to hijack your identity and make fraudulent purchases using your finances. Those were are affected by this breach are limited to the United States, Canada, and Puerto Rico, though it’s always a best practice to check on your accounts for any unauthorized transactions. In-store customers should also keep tabs on their accounts, just to be on the safe side.
Acer has kept quiet to the nature of the breach, perhaps due to internal user error. This is one of the major reasons why data breaches happen, and it can be as easy as giving sensitive credentials, like passwords or usernames, to the wrong person. All it takes is one phishing email to trick an employee who doesn’t know any better, which is both an embarrassing and frustrating occurrence.
Acer, due to their relatively large consumer base, was a big target for hackers and criminals, but this doesn’t mean that small companies are any safer from threats. While it certainly helps to keep a low profile, today’s online environment shows that even inconspicuous small businesses could accidentally contract and foster the growth of viruses or malware. The best bet that your business has is to prepare for the worst and to educate your employees on how to keep themselves and your business’s data safe in an online environment.
These best practices include:
Practice good judgment: If an employee opens up an email that seems to be legitimate, and clicks on suspicious links or attachments, this invites tragedy into your business’s network. Phishing attacks, like the aforementioned example, are common threats that your employees need to be prepared to deal with. Educate your employees on how to identify common signifiers of phishing attacks, and to approach each message with a critical eye.
Make security part of company culture: Password protocol is a major problem, particularly because people tend to use simple passwords that are easy to remember, rather than ones that are secure. Therefore, you need to reinforce that your employees should use complex passwords that combine letters, numbers, and symbols. These passwords should be changed regularly, just to stay on the safe side.
For more assistance with keeping your data protected, contact ActiveCo Technology Management at 604.931.3633.