Tesco has hit headlines after logins and passwords to its online shopping site, Tesco.com , were posted on the internet by hackers.
The supermarket, which is the UK’s biggest retailer, is reported to have deactivated some customers’ accounts following the hack. It’s understood that hackers have compiled customers’ account details and passwords using details taken from other sites and then posted them online. Tesco is now investigating the breach.
This isn’t the first time Tesco has hit problems when the security of its customers passwords have been breached. In 2012 questions were raised about the way it stored its customers’ data at the time. But this time it seems to be different: there are no questions raised about how it has stored data. The question is rather about how its customers use the same password details on different sites.
But Lancope CTO, Tim ‘TK’ Keanini says Tesco should have been better prepared. “These events are about as hard to predict as the sun rising tomorrow morning,” he said.
“The problem is not the fact that cybercriminals break into these networks, but that they can go undetected while they figure things out and ultimately exfiltrate the files without being seen. Having eyes on a popular text-sharing site is not an effective method of detection by anyone’s standard. In a recent survey performed by the Ponemon Institute on incident response, companies using the operational metric of Mean Time To Know (MTTK) was at a miserable 23% so it is just far too easy for cybercriminals these days to operate effectively.
“This is not Tesco’s first security incident, and let’s hope they are experienced enough now to have in place the right telemetry for a timely and precise investigation – because the time to put up the security cameras is not after the incident. Given the way the reports say the incident was discovered, it does not seem that they have the right technology in place when facing this advanced threat. Sadly, most retailers do not.
“If these retailers would spend half the time on cybersecurity analytics as they spend on consumer analytics predicting buying patterns, the cybercriminals would have a very hard time being successful as their behaviour could be predicted and retailers would have more effective defences. This I believe is evidence that retailers do not feel like cybercrime is a part of doing business yet but how many more times will they need to be compromised before incident response is part of the business process?”