FirstPost reported on the uptick in credit and debit fraud that the industry has been experiencing in advance of the migration to EMV chip technology. Financial data was not the only information that fraudsters sought, according to Trend Micro, suggesting that there is a need to encrypt and tokenize other valuable information beyond card numbers:
Trend Micro FTR examined Privacy Rights Clearinghouse’s Data Breaches database and analyzed reported incidents over the past decade to determine key trends from conception to execution. The analysis found that the five most frequently breached industries – healthcare, education, government, retail and financial – accounting for 81.3 percent of all disclosed incidents. Additionally, the team determined the most common attack vectors were malware, insider threats, payment fraud and unintended disclosure. The most commonly compromised data included Personally Identifiable Information (PII), health records, financial data, education data, payment cards and credentials.
In a surprising find, criminals have been so good a stealing cardholder data that there is now an oversupply in the black market driving down the value for stolen card information. Perhaps it will be old-fashion market drivers, not technology that will compress card fraud:
A blog by Trend Micro adds that credit and debit card data breach incidents have increased 169% in the past five years. However, some of the information is also surprising. For example, credit and debit card, bank account, and personally identifiable information (PII) have all plateaued or are dropping due to oversupply in terms of prices on the underground marketplace, while the value of compromised Uber, PayPal and online poker accounts are rising.
Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group
Read the full story here