Skip to main content

2020 Data Breaches in Review

2020 was certainly not the year we expected or hoped for. But despite the unexpected twists and turns of the past year, one thing held constant: the continuation of data security threats and breaches. To reflect on the past year, PCI Pal pulled together a review of some of the biggest data breaches and trends from 2020.

COVID-19 wasn’t the only challenge for the travel and hospitality industries this year. The early months of 2020 saw data breaches targeting MGM Resorts, Marriott Hotels, Carnival Cruises and EasyJet. Millions of travelers’ data was stolen ranging from phone numbers and addresses to more sensitive information such as driver’s licenses, passports and payment card details.

But just as COVID-19 changed so many other things, we also saw changes to the cybersecurity landscape. As people around the world turned to digital tools to manage every aspect of their lives, bad actors took notice, using phishing to target vulnerable home workers and their employers. One of the biggest and most damaging trends, though, has been the uptick in ransomware attacks from cybercriminals and nation-state hacking groups. Ransomware attacks have been used to target companies large and small, with high-profile attempts on companies like Tesla, Toyota, Garmin, and more recently, Kmart. And these attacks aren’t just limited to businesses – some of the most widespread have been used to target local government agencies, school systems and healthcare providers.

While we don’t know what the new year will hold, we can be sure that cybersecurity threats will persist. The good news is that there are steps companies can take to protect themselves.

Whether your employees are working from home or the office, make sure they’re following basic cybersecurity practices. In order to guard accounts, require employees to choose long passwords or set passphrases when possible, use a different password across each account and utilize two-factor authentication. Additionally, encourage employees to verify any links or files prior to downloading. Adhering to basic practices like these can help guard your company against phishing and ransomware attacks.

For companies that take payments online or over the phone, security will be particularly important. Businesses should consider adopting a PCI compliance solution to protect payment details and other sensitive data across customer engagement channels. PCI DSS – the highest standard of security for Card Not Present (CNP) payments – can descope your environment to minimize the risk of cyber threats.

PCI Pal can help! Contact us today to learn how our secure payment solutions can protect your company from whatever cyber threats the new year may bring.

Sign up for Knowledge Centre notifications

Never miss the latest blog, news, podcast or event. Sign up to be notified when we publish something new.

Chatwith us