As you are most probably aware, the Target department store suffered a data breach which exposed 110 million of its customers’ credit cards to hackers. It’s not news that these commerce juggernauts are targeted (pardon the pun) by thieves, but what is news is that you heard about it.
Companies get hacked every day. Most handle their data breaches quietly, afraid that the news of the breach would hurt their company’s reputation. Target has been refreshingly upfront about its data breach, with a full-page message from Target’s CEO running in today’s paper. This is outstanding public relations. Being a bit of a network security wonk and an observer of public relations, I applaud how Target has taken ownership of this problem. What’s more, I hope other affected companies will follow Target’s lead and be more willing to own up to their security breaches.
We can’t pretend that hacking doesn’t take place; we all know security-through-obscurity doesn’t work. A better approach would be to acknowledge the scope of the problem and to collaborate on ways to strengthen the tools we all use to keep our networks secure.