When several data breaches recently exposed the personal information of millions, anyone with a credit history and a brain scrambled to protect their identity: Fraud alerts were employed, credit was frozen and any kind of suspicious activity was reported and reviewed.
But what effect did those very public security hacks have on local restaurants and small retail shops? Experts say small business may have taken the hardest hit.
“Probably more than 50 percent of cyber attacks attempt to target small business,” explained Mike Bloomfield, president geek at Tekie Geek, a computer consulting firm based in Eltingville. “It’s a lot easier to rob the little guy than to go after a big score at larger businesses. Hackers are going after small businesses because they lack backups and are not properly protecting themselves.”
Bloomfield reported that small business is actually targeted by hackers and thieves for several reasons: Many business owners don’t take the proper precautions because they think they are too small to target and they simply lack the resources and know-how to protect themselves. And when a data breach actually occurs, they don’t detect it quickly enough to fix it.
“Social security numbers and credit card information is being leaked out onto the dark web,” Bloomfield said. “Consumers are being told what to watch for but small business owners need to be just as vigilant.”
Cox Business provided these tips:
“Make sure your firewall and antivirus software is up to date and audit your offboarding process to ensure you’re not leaving the door open.”
The communications company also suggested “creating a culture of security to protect yourself from spear phishing and man-in-the-middle attacks.”
Mike Montalbano, owner of Team Logic IT in Dongan Hills, agreed.
“Many small business owners must rely on their personal credit to run their businesses – this is especially true with start-ups – so these breaches affect small business owners in much the same way it does individuals,” Montalbano said. “You burden some of the responsibility of protecting your credit score, your bank activity, etc., so be proactive. Check your credit score and bank statements regularly, call your financial institution when there is a known breach, request a new credit or debit card number, or even a new account number. And of course change your passwords. Don’t wait for your bank to call you, hackers are disguising themselves as bank employees looking to exploit this situation and get more information out of you. Train your employees to be on the lookout for phishing and other scams.”
Bloomfield reported that small business owners will also be protected by the SHIELD Act (Stop Hacks and Improve Electronic Data Security), which Governor Andrew Cuomo signed into law this past July.
SHIELD Act, which amends the State’s current data breach notification law, takes effect on March 21, 2020 and imposes more expansive data security and data breach notification requirements on companies, ensuring better protection for New York residents from data breaches of their private information. Cuomo also signed into law the Identity Theft Prevention and Mitigating Services Act which requires credit reporting agencies that face a breach including Social Security numbers to provide five years of identity theft prevention and mitigation services to affected consumers. It also allows for consumers, at no cost, the right to freeze their credit.
“If you’re doing business in New York you’re now protected by SHIELD,” Bloomfield concluded. “The government is issuing these regulations for good reason – businesses are greatly affected by these breaches so it’s important to be vigilant and alert.”