Harbortouch Latest in Line to Be Affected by Payment Data Breach

Recently, Sally Beauty Holdings reported that it is investigating a possible payment card breach. The retail chain, which runs nearly 2,800 stores in the U.S, started an inquiry after it received reports of “unusual activity” involving payment cards that were used at some of its stores during the last week of April.

I don’t know about you, but the moment I come across news of this kind, my mind starts racing. Did I shop at that particular store during that period of time? Is it possible that my credit card was among those compromised? What can I do to find out whether my card details are secure or not?

Unfortunately, given the increasing frequency with which payment card breaches are being reported, this scene has been replaying in my head with alarming persistency. Even in the case of Sally Beauty Holdings, this is not the first cyberattack to take place.

Last February, attackers stole approximately 25,000 records containing payment card information through malware installed on point-of-sale systems at Sally Beauty stores. The company offered free credit monitoring and identity-theft protection for one year to customers that may have been affected by the data breach.

For some time now, retailers have been struggling with cyber attacks aimed at stealing payment card data, which then is quickly offered for sale on black-market websites. Between April and September 2014, hackers stole 56 million payment cards from Home Depot.

In late 2013, Target too was the victim of a cyberattack which compromised information related to 40 million credit and debit cards. The latest in the line of cyber attack victims is the Point of Sale (POS) systems vendor, Harbortouch.

The company recently revealed that a small number of its restaurant and bar customers were impacted by malicious software that allowed thieves to siphon customer card data from affected merchants. A major U.S. card issuer is of the opinion that Harbortouch has downplayed the scope of breach, and the compromise has impacted more than 4,200 of its customers nationwide.

In the weeks leading up to the Harbortouch disclosure, many sources in the financial industry had speculated the possibility of a breach at a credit card processing company. The cause behind this suspicion was that banks had started encountering a great deal of card fraud which they couldn’t easily trace back to one specific merchant.

Some banks, in an attempt to curb these fraud spikes, even introduced dramatic changes to the way they processed credit card transactions, such as requiring their customers to enter “PIN” numbers while conducting a purchase. Meanwhile, Harbortouch has taken steps to identify and remove malware from its systems, and engaged a leading forensic investigator to assist them in their investigation.

Nevertheless, it cannot be denied that POS providers, and their large number of customers, have a massive problem to deal with when it comes to cyberattacks. While the companies undoubtedly do as much as they can to keep their systems malware-free and take swift steps towards damage control when unwanted incidents occur, it is advisable that consumers remain alert as well, and take steps to protect their credit card information in a proactive manner.