Several of Home Depot's former cyber-security employees came forward last week, revealing that Home Depot's massive data breach could have been predicted. They also reported that a number of the company's practices made it vulnerable to hacking.
For instance, Home Depot's managers relied heavily on Symantec, an outdated antivirus software from 2007, and failed to conduct regular, systematic network scans. When managers did check for malware, former employees reported, they did so for only some end terminals and retail locations. This lack of conscientious monitoring left Home Depot wide open to attack.
Apparently there was also a dearth of employee education and information regarding data security. When workers asked managers about updating software or implementing further training sessions their requests were, unfortunately, denied.
Home Depot did introduce an enhanced encryption program to its systems after witnessing the negative effects of the Target breach. However, this step proved too little to late, as the encryption package was only completed last week, months after hackers had penetrated the business.
This massive attack is likely to have wide-reaching effects on a number of parties. For one thing, the 56 million credit and debit cards stolen in the breach could be used to spend an estimated $3 billion in fraudulent transactions.
"Financial service firms do have deep pockets, but their resources are not unlimited," wrote Forbes contributor Gene Marks. "If these breaches continue to occur, look for them to share the costs not only with those companies that allow themselves to be hacked, but by raising fees to their customers (yes, you and I) to cover these rising expenses. We all lose."
Be sure to protect your company and your consumers by implementing credit processing software you can trust.