Shortly after Target announced that customer data had been stolen from their system last year, my husband received a new credit card in the mail. Accompanying the card was a letter that effectively said, “just in case.” While the credit card company didn’t explicitly mention Target’s security breach, the timing and phrasing of the letter made it clear what prompted them to issue the replacement card. My father’s smaller bank, however, chose not to replace his card until and unless fraudulent charges appeared—which they soon did. It’s impossible to say with one-hundred-percent certainty that the fraudulent charges on my father’s card were due to the Target security breach, but it seems likely. Another time, a swarm of my husband’s coworkers complained of unauthorized charges on their cards. Turns out they’d all swiped at the same coffee shop down the street from their office. The shop owners admitted that, yes, their system had been hacked.
There was a time when these kind of retail security breaches were surprising, but that’s no longer the case. Data breaches continue to be alarming, yes, but not really surprising. In fact, there’s been a veritable string of breaches lately.
These are just the big names. Security breaches like the one at the coffee shop down the street from my husband’s office rarely make the news, but this particular café was not the first or only small business to ever have been hacked or infected with malware. Nor is the problem exclusive to retailers.
In this time of seemingly rampant customer data security breaches, what is a small business owner to do? I don’t have a concrete answer, but I do have some common sense advice.
One: do everything in your power to keep customer data secure by maintaining strict security standards with your POS system.
Two: have a plan in place for how to respond if customer data is compromised—just in case.