Jan 22, 2014
Details continue to come forth about the recent attacks on Target customers who used their credit and debit cards during the height of the holiday shopping season. Charitable foundations should recognize the need to ensure secure payment processing for donors wishing to contribute online. While the situation affecting Target, as well as a growing list of other small businesses, is a far more public and large-scale security breach, nonprofit organizations are not immune to cybercrime and should be taking the necessary steps to prevent donor information from being stolen.
Widespread use of malicious software
According to cyber crime research firm IntelCrawler, there have been a minimum of six attacks on U.S. retailers whose payment processing systems have been infiltrated by malware. In an interview with Reuters, Andrew Komarov, chief executive of the IntelCrawler, explained government security agencies, data analysts and Visa have been notified of the multiple attacks on credit and debit card processing systems but the extent to which consumers' information has been compromised is not yet known. Target initially indicated that roughly 40 million people were affected by the data breach, but updated that figure explaining at least 70 million consumers had their financial information stolen.
Komarov indicated the malicious software, BlackPOS, isn't restricted by geography, citing the fact that the most recent cases involved stores in New York and California. The New York Daily News reported the majority of attacks have been targeted at U.S.-based retailers, but 30 percent of instances of BlackPOS infections were found in other nations, such as Canada and Australia. In reality, the malware that the cybercriminals used isn't new and dates back to 2005 – and potentially to a code found in cybercrime forums in 2003.
"For consumers, I would point to zero liability. They are protected," Rosetta Jones, spokeswoman for Visa explained.
Donors need to understand their information is secure
At the same time, public data breaches, such as the ones most recently afflicting U.S. retailers, can influence donors as they decide how to make contributions. For charitable foundations that accept donations online, it's crucial to remind people looking to pay with their credit card that their financial information will remain secure. Nonprofit organizations should ensure they're working with a payment processing software provider that has the most up-to-date fraud protection built into their tools. Protection like a Payment Gateway makes certain that all information provided by donors is complete and valid, which helps safeguard against potential cases of fraud.