BreachAlarm

Blog

Point of Sale Breaches: What To Do If You're Affected

• in categories: advice • by: Michelle Balestrat

If you’ve gone shopping with a credit card, you’ve used a Point of Sale (POS) System. While we might only associate online shopping with potential risks to our bank account, in-person shopping with a credit card can also put you at risk.

A pair of scissors cut through two credit cards, in front of a white background.

This is because POS systems are common targets for data breaches, resulting many millions of credit card details becoming compromised each year. Even the largest and most trusted retailers, for example Target, Home Depot, McDonalds and countless others, have fallen prey to these attacks. So, how does a POS breach take place? Read on to find out.

Put simply: every payment terminal is connected to a computer. Generally, these computers are running Windows, and are thus vulnerable to the very same security problems we can face at home. (But don’t get complacent, Mac users!)

When the POS system communicates with the bank to process your payment, your card details are stored unencrypted for processing purposes. Special Point of Sale malware is written to steal this unencrypted information on POS-connected machines.

It’s sadly not possible to control whether we’re affected by such a breach, and such attacks can happen to the best of us. Short of cutting up your credit card entirely and never going shopping again, what can you do if you’re affected by a POS breach?

1) In the event of a breach, do your research

When you learn that a store you’ve shopped at has been breached, look into what sort information has been stolen.

There are many types of data breaches, and a POS breach might not just involve your credit card. Your user account, email or password can also be implicated, and even more worryingly, a customer database breach can even include your address or phone number.

So in addition to getting your credit card cancelled, you might also need to completely change the passwords on your accounts after a breach. In the case of sensitive personal information, you might even need to look at legal options.

2) Read the newsletters##

If you regularly receive newsletters from a retailer you shop with, don’t send them straight to the spam folder.

Customer newsletters and mailouts will often be the first time you’ll hear about a breach, including which information was compromised.

Additionally, these mailouts will include advice on what affected customers should do. The quicker you get this information, the better!

3) Think long-term##

Leaked information from POS data breaches might not be used straight away, so it’s important to keep monitoring your accounts for a few months after you learn you’ve been involved in a data breach.

Just because you haven’t spotted any fraudulent activity on your card directly after a breach, doesn’t necessarily mean your details heaven’t been compromised!

4) Keep an eye on the news##

Unfortunately, in some cases breached companies might not be the first to let you know the bad news.

In this case, you might hear it first through an Internet security news outlet, or via social media.

(Protip: we aggregate the latest security news on our Facebook, Twitter and LinkedIn feeds, so follow us for up-to-the-minute info on the latest breaches).

Boost your breach protection!

Email Watchdog

Guard your online accounts.
  • 10 and 50 email packs available.
  • Detailed breach notifications.
  • Watchdog Update email newsletter.
  • Priority email support.
Learn More

Business Watchdog

Protect your company’s accounts.
  • Protect all email addresses in your domain.
  • Detailed breach notifications.
  • Exclusive access to your domain’s breach status.
  • Watchdog Update email newsletter.
  • Priority Email Support.
Learn More
Browse all posts
Avalanche Technology Group