On December 19, the beloved east coast gas station and convenience store with a strong, dedicated base of consumers announced a massive data security incident. The company confirmed that malware infected its payment processing servers for a period of nine months, between March 4, 2019, and December 12, 2019, when the problem was fully contained (two days after discovery). Customers’ payment card information, including debit and credit card numbers, expiration dates, and cardholder names (but not PIN or CVV2 numbers) were vulnerable to this malware.
In accordance with Federal Trade Commission guidance, Wawa CEO Chris Gheysens sent a letter to customers describing the incident, the affected information, and the actions the company is taking in response, along with an offer for credit monitoring services.
What’s missing from the story is the cost of the incident. Regulatory fines and costs related to investigations, legal fees, and credit monitoring services are only part of the total combined cost. According to a report by IBM and the Ponemon Institute, the average total cost of a data breach is $3.92 million. Of this amount, $1.42 million (36 percent) is attributed to lost business. Will this incident break the confidence of Wawa’s die-hard devotees?
Any brand in any industry is vulnerable to a data security incident like this. Virtually every day, there is a new data breach in the headlines. As DivvyCloud CTO and co-founder Chris DeRamus wrote, the number of incidents will only grow in 2020. A comprehensive data security strategy is essential for businesses to protect their bottom lines and valuable brand reputations.
Check out how DivvyCloud can offer protection from threats, misconfigurations, policy violations, and IAM challenges in cloud and container environments. With automated, real-time remediation, DivvyCloud customers achieve continuous security and compliance, and can fully realize the benefits of cloud and container technology.
DivvyCloud protects cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges. With automated, real-time remediation, DivvyCloud customers achieve continuous security and compliance, and can fully realize the benefits of cloud and container technology. Freedom is good. Chaos is bad. To learn more: www.divvycloud.com.