On March 8, Home Depot agreed to pay a $25 million settlement to a group of banks for damages incurred during the company's massive 2014 data breach. During that breach, email or credit card information was stolen from more than 50 million customers by thieves who hacked store self check-out terminals.
It's one of the largest breaches in history, but that $25 million settlement is just the latest financial hit Home Depot has taken since the incident. Based on court documents, some say the total cost of the breach so far exceeds $179 million – and it will likely be much higher.
What's interesting about the legal wrangling and settlement is that businesses that suffer a breach wind up not only owing their customers but also getting hit by the banks and the credit card issuers. They get it from both sides.
As the largest home improvement store retailer in the United States based on revenue, Home Depot has the resources – financial and otherwise – to weather such a lasting and nasty storm.
But what about smaller merchants who have neither the financial resources nor the expertise to deal with something like a data breach?
For starters, it's not just the drawn-out financial impact of being breached. The other challenge is that PCI (Payment Card Industry) data security standards and compliance requirements – which all credit card-accepting merchants must follow – are complex and constantly evolving, along with technology in general. So if you can't figure out the rules and the technology yourself, and you're found to be PCI non-compliant, you can be hit with fines. Of course, all of that is in addition to the risk of being hacked by the cyber criminals you are trying to stay one step ahead of.
Increasingly, partnering with a third-party vendor like ZZ Servers makes great business sense, as it can help you maintain data security, compliance and peace of mind on an ongoing basis.
ZZ Servers is a validated PCI Level 1 Service Provider, meaning that it can provide custom engineered solutions for businesses that need to comply not only with PCI but also with Health Insurance Portability and Accountability Act (HIPAA) and Federal Financial Institutions Examination Council (FFIEC) requirements.
The IT security firm can help your business validate the security of your environment through log monitoring and archiving, firewall protection, intrusion detection and system maintenance. And they can securely host your merchant systems for you.
Compared to the bewildering complexity of PCI compliance and seemingly never-ending cost of a data breach, partnering with a trusted provider like ZZ Servers makes perfect business sense.