The 2023 credit card data breach was updated March 2023, and is not all inclusive. Is your business safe from a credit card data breach? The list below highlights some credit card data breaches and the primary cause at the time the data breach was announced. While malware reigns as a top cause of payment data breaches, employee theft is still a problem too. To make the list, typically companies are only listed if full card data is stolen.
Restaurants
January 2020 Chick-fil-A says less than 2% of customers affected by breach via website and mobile application between December 18, 2022 and February 12, 2023 using login credentials obtained from a third-party source. Name, email address, Chick-fil-A One membership number and mobile pay number, QR code, masked credit/debit card number, and the amount of Chick-fil-A credit (e.g., e-gift card balance) on your account (if any). In addition, if saved to your account, the information may have included the month and day of your birthday, phone number, and address. Importantly, unauthorized parties would only have been able to view the last four digits of your payment card number.
Retail & Ecommerce
January 2023: JD Sports– online store November 2018 and October 2020, announced January 2023. Among other shopper data for 10 million customers was the last four digits of card numbers. JD Sports is based in the UK and can expect fines up to the higher maximum permitted under Part 6 of the Data Protection Act 2018, so potentially £17.5 million or 4% of the total annual worldwide turnover in the preceding financial year, whichever is higher.
Technology
January 18, 2023: Paypal, about 35,000 customers exposed information included names, addresses, Social Security numbers, individual tax identification numbers, and dates of birth. Unauthorized access by credential stuffing.
Don’t be the next credit card data breach victim!
Christine Speedy is Qualified Integrator and Reseller certified by the Payment Card Industry Security Standards Council. QIRs are integrators and resellers specially trained by PCI Security Standards Council to address critical security controls while installing merchant payment systems. QIRs reduce merchant risk and mitigate the most common causes of payment data breaches by focusing on critical security controls. Call Christine for technology, merchant services and check processing needs.