Neiman Marcus Confirms Data Breach Affecting Its Shoppers, But Says Little Else
U.S. Department of Labor Recovers Money In Several Employer-Operated Retirement Plans

Target Data Breach: The Math Says That Crime Pays Well

If you haven't read it, there is an excellent article at Finextra Research about the Target breach; specifically the value of stolen shoppers' information. The article explains how your location information makes consumers' stolen payment information more valuable to thieves:

"... Target hackers have undertaken to selling location usage data alongside the card data, and can charge a premium for such data. Value added service to the fraudsters and clearly a strategy that is paying off. Fraudsters are paying anything between $20 and $100+ for a skimmed Target payment card – location data has added a premium to what the fraudsters charge. That’s puts the “value” on the 40million+ payment cards stolen from Target at between $800million and $4billion! If we assume that their ROI is a minimum of 10 times their “investment” then we are looking at a fraud value of between $8bn and $40bn."

Plus, the numbers are much worse. Why? First, Target increased the size of its data breach to 70 million from 40 million. Second, this math is based upon what we know so far. The breach news is far from over. Third, news reports have mentioned three other retailers impacted besides the Target and Neiman Marcus breaches.

This math is important because any risk-analysis systems used by retailers (and banks) use data elements (e.g., location data) that thieves have stolen... and will continue to steal. The thieves are upping their game, and industry needs to respond. It is long past time for the U.S. retail and banking industries to upgrade from obsolete credit/debit card technology to smart payment cards.

The math is important to consumers. Why? You now know how valuable your location information is for thieves. Don't be so quick to give up your location data to social networking websites, banks, and retailers without getting something substantial in return.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.