Rippleshot Blog

In 2013, we saw the start of a series of massive data breaches impacting organizations of all sizes, across a variety of industries. Ranging from retailer heavyweights such as Target, to regional grocery chains like Supervalu. In 2014, we saw organizations like Home Depot, JPMorgan Chase and eBay fall victim to a data breach, compromising a total of roughly 330 million personal records. 

The Ponemon Institute and IBM recently released its annual Cost Of Data Breach Study: Global Analysis, receiving contributions from over 350 organizations in 16 different industries in 11 countries that were involved in an event where an individual’s name plus a medical or financial record is potentially at risk.

Last Thursday, IBM and the Ponemon Institute hosted a webinar covering the findings from the 2015 report led by David Puzas, Director of Portfolio Marketing, Security Services at IBM and Dr. Larry Ponemon, Chairman and President of the Ponemon Institute.

While we’ve been busy keeping a close eye on the happenings of the Target lawsuit, issuers have filed another one - this time against Home Depot and the data breach that occured over the summer of 2014 and exposed 56 million payment cards.

Falling in line with Target, there are two lawsuit tracks - consumer and issuers. Now that both have been formally filed with the United States District Court in Georgia, follow along as we take a deep dive into the complaints and claims listed.

With the halfway mark for 2015 quickly approaching, many consumers have reached a state of data breach fatigue. Nearly every week, a new story comes out where the personal and payment information of U.S. consumers has been compromised due to a data breach.

According to the Breach Level Index, over 1 Billion data records were stolen in 2014 - nearly 20% of those including financial information. But where is financial information being compromised, specifically? Rippleshot research has found that over 60% of payment card accounts that got stolen in 2014 can be tied back to five merchant categories.

Over the past few years, data breaches have pounded the payments industry.  Target’s 40-million credit and debit card data breach washed away their C-suite, billions of their market capitalization, and hundreds of millions of profit in lost sales and imposed fines. The list of catastrophic data breaches continues to grow as Issuers struggle with a rising tide of fraud losses, merchants faced with a public breach are most often swept under within six months. Consumers, faced with reissued card after reissued card feel lost at sea, distrustful of the whole system.

Many have called 2014 “the year of the data breach,” which saw breaches affect retail organizations including Target, Home Depot, P.F. Chang’s and UPS. These data breaches combined for over 220 million exposed records in a period of just over 15 months. However, cyber criminals may have their sights set on a much more lucrative and untapped industry in 2015, insurance and health care providers.

In a year of broad-ranging and publicly damaging corporate data breaches, the malware attack on Sony Pictures Entertainment joins the ranks of companies like Home Depot, JP Morgan and eBay who suffered incredible losses at the hand of deft cyber-attackers.

Here’s the timeline of everything we've learned so far:

On September 24th, Jimmy John’s, a famous Sandwich Shop franchise, reported that it “learned of a possible security incident involving credit and debit card data at some of Jimmy John’s stores and franchised locations.”

Get caught up with latest news regarding data breaches for the week of September 22nd.

Get caught up with latest news regarding data breaches for the week of the September 8.

Get caught up with latest news regarding data breaches for the week of the September 1.

Update 1: In a Brian Krebs exclusive, sources informed Brian Krebs that in a conference call with several financial institutions, MasterCard shared several updates regarding the Home Depot data breach. According to Krebs' sources, MasterCard told affected banks that the card brand believes that only self-checkout terminals were affected in the breach. At the time of writing, Home Depot neither confirmed nor denied this report as the investigation is still underway.

We've put together the latest data breach news for the week of August 18, 2014:

On June 13th, 2014, P.F. Chang’s China Bistro reported that there had been a breach involving customer’s credit and debit card information. The restaurant chain learned about the breach on Tuesday June 10th, 2014, and investigated the issue with the help of the United States Secret Service and third-party forensics experts.