It's becoming a common theme: businesses are simply not taking security seriously enough, hackers are finding their way in and customers are simply finding their way out.
This time we refer to telecommunications company TalkTalk, which recently released its financial figures, revealing that annual profits fell by 50% last year, from £32m in 2015 to £14m.
The fall in profits is owed to the high-profile cyberattack the company suffered, when details of more than 150,000 customers were stolen from its website.
The reputational and financial costs involved
Costs for these businesses (apart from reputational damage) can involve significant fines from the card brands, not just for fraud that might be committed on those credit cards, but also for the replacement costs.
The less tolerant customer
After the TalkTalk data breach, the company's customers were left with many question marks. Was their information secure? What was taken? It seemed unclear at the time, and that's mostly because TalkTalk themselves weren't 100% sure.
Customers are savvy, and many businesses underestimate that. 150,000 TalkTalk customers had their personal information breached, and over 100,000 of those customers decided to leave. As security expert Graham Cluley says in his blog, they’re quite lucky only 100,000 left: they only let people leave if they could prove fraud on those accounts.
Customers are much more clued up. Even if they don’t feel as if they’ve personally suffered fraud, do they want to be entrusting their personal details to a company that has suffered a breach like this? No.
Every day more and more companies are adopting a mantra: if you don’t need customer data, simply don’t store it. But clearly, businesses are just not catching up quickly enough.
How many customers will not join TalkTalk in future?
The reason we are talking about TalkTalk is because they had a breach. No company wants to be the topic of conversation because of a data breach. Companies that give security the appropriate attention will make sure that they don’t suffer the loss of existing customers and, effectively, the cost of new customers not coming to them.
Who’s got the upper hand in the war between the hackers and businesses?
It is an escalating battle, and one clear example that we can share is in the world of credit card security. When the UK moved to chip and PIN a few years ago, and mandated its use for credit card transactions across the board, card-present fraud (that’s fraud where hackers skim card details or take card details illegally from physical card transactions) radically dropped and the hackers moved to the next easiest target. In the case of credit cards, that’s cardholder-not-present transactions.
We’ve seen a spike in the last few years in e-commerce and contact centre attacks, which is where these cards are not protected using the EMV chip and PIN protection mechanism.
Although your business may appear to have a clear grip and strategy on the whereabouts of data, has it really got it all mapped out? Would your CEO be able to issue a confident statement if your customer data was stolen?