News Feature | February 2, 2016

What Solutions Providers Can Learn From The Potential Wendy's Data Breach

By Jeremiah Shea, contributing writer

Potential Wendy’s Data Breach

The year 2014 saw the likes of Target, Home Depot, and JPMorgan Chase targeted for fraudulent activity, and 2015 followed with T-Mobile, CVS, as well as the Anthem breach that affected one in three Americans.

While 2016 started off with headlines of a Time Warner customer data breach affecting 320,000 customers, the recent news of Wendy’s food chain being a potential victim could affect far more as their 6,500 locations are in every major market nationwide.

While the breach itself is still under investigation, it’s at the very least a security reminder to your IT clients that are business owners and their customers. In a time when data breaches are becoming commonplace, both sides have to be even more vigilant in how they protect themselves from falling victims to such attacks.

Many people can’t even begin to understand the motive behind such attacks. Jeremy Gumbley, CTO and CSO of Creditcall, explains, “Hackers want more than a burger and your credit card details, they want the recognition that comes with infamy — and they will stop at nothing. Understanding what motivates cyberthieves and their relentless drive for highly sensitive data should be a wake-up call to retailers, restaurants, and merchants regarding the imperative need to embrace a multipronged approach to payment card security (referred to as the ‘Holy Trinity’ and inclusive of EMV, point-to-point encryption [P2PE] and tokenization).”

Remind your IT clients that the name of the game is persistence and keeping your guard up. Rather than wait for headlines, taking a proactive approach in terms of reviewing statements and keeping an eye on all systems goes a long way in protecting businesses.

And there’s more at stake here. Beyond the potential for Wendy’s to get hit with a hard dollar amount to pay back, there’s residual harm something like this can cause to the chain. These are some of the same things that hit Target when their breach happened in 2014 and the subsequent fallout that lingered. Things like consumer trust in their brand, stock prices, marketing spend to regain trust, and technology investments to all but outright protect against another breach.

It’s the idea of a pebble dropped in water and how those waves can carry on and affect so much more.

Jeremy Gumbley goes on to say, “Wendy’s data breach offers lessons for large and small retailers alike — again, hinged on the need for a multipronged payments security. EMV is a great first step, but it alone cannot prevent a data breach. P2PE is a fantastic complement, and for optimum comprehensive security, tokenization is an essential part of the mix.”

VARs and solution providers take note. While fear mongering isn’t necessarily a sound business platform, bringing these truths up with prospective clients is an absolute must when outlining a sound security plan. To stop short of risks and how to address them is only doing a disservice to yourself and your customer base.