A Boston company that owns and operates several bars and restaurants such as The Lenox, Ned Devine’s and The Harp, recently agreed to pay an $110,000 penalty to settle a lawsuit with the state.  According to the lawsuit, filed by Massachusetts Attorney General, Martha Coakley, The Briar Group LLC exposed more than tens of thousands of their customers’ financial information to hackers after the company failed to remove malicious software from its computers .

In addition to the malicious software, the lawsuit also claims that the company also neglected to change default usernames and passwords on its point-of-sale (POS) systems, secure its wireless network and continued to accept credit and debit card after knowing about the security breach. Now, along with the $110,000 fine, the company is also required to develop a security password management system as well as implement stronger data and network security. The Briar Group is the first company to be penalized under the new Massachusetts’ data privacy law, which went into effect on March 1, 2010.

Most merchants don’t realize how hefty all of the fines and fees can be once they suffer a data breach. Protect your business and avoid all the unnecessary expenses today!

Recently, the Federal Trade Commission (FTC) reached a decision and finalized an ongoing settlement with Twitter.  The settlement, announce in June of last year, resolved allegations that the social-networking giant, deceived its users and put their privacy at risk by not properly guarding it.

As a result of a data breach, the finalized settlement bans Twitter from misleading its customers about the level of protection, security and confidentiality of non-public user information. The hackers, who breached Twitter a couple of times between January and May of 2009, were able to gain administrative control and access to sensitive information, such as non-public user information, private messages and the ability to send out phony messages from any account.

As a part of the settlement, Twitter must establish and maintain a comprehensive security solution which will be assessed every other year for 10 years. Plus, if Twitter violates the settlement, they could face up to $16,000 per incident from the FTC.

If an entity like Twitter can be breached – what is protecting your business? Contact us to establish your own comprehensive security solution and be protected today!

As companies look to secure and strengthen their business environments, many forget to look internally. But why should your organization be worried about internal security? In several cases, breached companies have discovered, only after the damage is done that their own employees hacked into and stole vital information from the business.

For instance Grey Wireline, a Texas-based engineering company, is making headlines due to a disgruntled ex-employee breaching their networks. Ismael Alvarez, who was fired a few weeks before, wanted to get revenge on his former employer and hacked into a protected computer and deleted 68 reports containing sensitive information on oil and natural gas wells. After authorities traced the breach and found Alvarez through his IP address, he was charged with more than $20,000 in restitution and fines, five years of probation and a year of home confinement for his crimes.

The only real solution that can secure a business is a comprehensive one, like SecureConnect, that safeguards both your internal and external networks.  If you are interested in securing your business from the inside out, contact us today!

Even the most cautious consumer can make simple mistakes and become a victim of credit card fraud. More importantly, merchants should learn of the common risks and how to protect their customers’. Fortunately, creditcards.com has outlined the top 10 riskiest places to use credit cards and how to avoid the dangers.

1. Non-bank-owned ATMs: While it may be convenient, these terminals are usually not as good as a bank ATM. In certain cases, hackers will display devices that are just card-skimming machines to steal your financial information.

2. Flea Markets: Flea market merchants are much less likely to be PCI compliant if they accept credit or debit card information. Plus, some merchants take physical records of your cards (like carbon copies) for payment which are much easier to steal.

3. Small Shops/Cafes in Foreign Countries: Banks and the credit card companies report that these merchants tend to have higher rates of credit card fraud so use cash with all of these purchases.

4. Non-Secure Online Checkout: Although it seems like common sense, it is surprising how many online shoppers make purchases on website that aren’t secure.  Check to be sure that all of your transactions are from websites that state or show that they are safe.

5. Wi-Fi Hotspots and Public Computers: For many businesses, offering free Wi-Fi can be a huge selling factor to their customers. However, if your Wi-Fi network isn’t properly protected it can be one of the most common places for your business and customers to be hacked.  A Wi-Fi hotspot solution like SecureConnect’s can both manage and protect your Wi-Fi segments, eliminating any and all security issues.

6. Recurring Bills/Subscriptions: While automatic bill pay is more convenient, it may also keep you out of the loop to how much is actually being charged to your account and who is behind it.

7. Smartphone purchases: If you are making purchases on your smart phone be careful of the networks you’re using. Public Wi-Fi networks are less secure and your phone has a higher risk of being infected with malware or breached. It is so important that all merchants have proper Wi-Fi security in place to keep all online purchases – via computers or smart phones – safe. 

8. Unsolicited E-mails Offers: Unless you know that you have signed up to receive messages from specific companies, don’t click on any e-mails that look suspicious. If you aren’t sure, contact the company through their official web site. 

9. Strange and Foreign Domain Extension: If you will be making online purchases, it is best to use web sites that have common extensions such as .com. Other extensions, (like .ru for Russia) are for countries outside the U.S. and it is much more likely that you can be hacked through them.
 
10. Suspect Swipe Terminals: If you happen to notice a suspicious, stand-alone terminal at another credit card payment machine, say at an ATM or gas pump station, don’t use it! Typically card skimmers are placed there by criminals hoping to collect your financial information. 

These valuable guidelines can give great insight to the potential risks, but only a PCI compliance and network security solution is the only thing that can fully protect you.  If you are a merchant that wants to secure your networks, better protect your customers and save time, money and hassle – contact us today!

Customers in Pearland, Texas got much more than they bargained for when they ordered drive thru at a Jack in the Box.  Authorities discovered that an employee, 21-year-old Dayvon Clement, was stealing credit and debit information from drive-thru customers using a card skimmer. Pearland authorities tracked down Clement due to a rising number of credit card fraud cases leading back to the restaurant.

“The detectives started looking at their [the victims] credit card transactions…anything on their credit, debit card that may be had a common thread,” said Lt. Onesimo Lopez. “We discovered that each one had gone through the drive-thru at the Jack in the Box.” Once the information was captured and recorded, Clement created counterfeit cards and then used those to purchase gift cards.

“It’s an effective way of laundering these kinds of funds because once you have the gift card, that gift card is not connected to that stolen credit card info anymore. So you have a clean way to make purchases,” said Lt. Lopez.

As hackers and their techniques evolve, merchants have to make sure that both their physical and network security can easily prevent any invasion. Contact us today, if you want to enhance your network security!