3000 Credit Cards Compromised in Data Breach

3000 credit card numbers belonging to customers of electronics retailer Small Dog Electronics have been compromised in a data breach. The breach left the sensitive data exposed for almost a month between late December and late January. The company claims it is PCI compliant and that it was subjected to a penetration test. They are now pursing the issue with that tester. The CEO, Don Mayer said the security flaw has been fixed but had no other details, admitting he did not even know what language their ecommerce system was written in.

“I’m very proud of our staff in terms of their reaction. We have dealt with this very responsibly, and notified customers immediately of the breach,” Mayer added. “We are doing everything in our power to reclaim our customers’ trust and provide the credit monitoring services that are necessary.”

Small Dog’s customers appear to be less satisfied with the company’s response, claiming the letters sent explaining the incident offer no compensation or credit protection and that although the company will provide the service if asked, many don’t realize they can ask.

Should a company offer credit protection in the event of a data theft? I believe so. It’s an important step in keeping your existing customers’ trust and gaining that of potential new customers. Data breaches are a growing threat. Last year the average total cost of a data breach was $6.75 million for an average of $204 per compromised record. Security experts say there are three main causes of data breaches, System glitches, which account for 36%, malicious attacks, which account for 24%, and the most common cause, negligence or simple human error, which accounts for a whopping 40% of all data breaches.