case studies
Retail
HomeCase Studies → Breaches Can Sometimes Be a Slow Leak

Breaches Can Sometimes Be a Slow Leak

Threat Landscape

The enormous amount of sensitive customer data held by the retail industry lures hackers and poses cyber security risk. As retailers collect more and more customer info from digital marketing and loyalty programs, the amount of data is rapidly increasing. While chips and anti-fraud programs have helped, the challenge remains for retailers to secure the potential entry points for hackers, from point-of-sale (POS) systems to mobile devices and interconnected networks.

Challenge

A national cosmetics company learned that not all cyber security firms bring the same level of investigatory experience. When a reporter informed the company of its compromised POS system, they called in a competing cyber security firm. Two weeks passed, and nothing was uncovered. Unconvinced, the organization’s general counsel called us in to take a second look.

Solution

In a breach response, every minute is critical. Within 48 hours onsite, our team of forensic investigators confirmed that the POS environment was compromised and, in 72 hours, we accurately assessed the magnitude of the breach. Once the breach had been identified, the retailer called in the required payment card industry forensic investigator (PFI). However, our team was able to dive much deeper and identify the true cause of the breach.

Results
  • Verified a POS compromise, that a competitor failed to detect, within 48 hours onsite
  • Contained and identified the true cause of the breach, going well beyond the findings of the PFI
  • Retained as client’s proactive cyber security advisor following the success of our investigation

Looking to safeguard your organization? Find out how our cyber security solutions can help you.



Cyber security services offered by Stroz Friedberg Inc. and its affiliates. Insurance products and services offered by Aon Risk Insurance Services West, Inc., Aon Risk Services Central, Inc., Aon Risk Services Northeast, Inc., Aon Risk Services Southwest, Inc., and Aon Risk Services, Inc. of Florida and their licensed affiliates. Aon UK Limited is authorised and regulated by the Financial Conduct Authority in respect of insurance distribution services. FP.AGRC.238.JJ The following products or services are not regulated by the Financial Conduct Authority:
• Cyber risk services provided by Aon UK Limited and its affiliates
• Cyber security services provided by Stroz Friedberg Limited and its affiliates.


Copyright 2021 Aon plc. All Rights Reserved.


Copyright 2021 Aon plc. All Rights Reserved.
Cyber security services offered by Stroz Friedberg Inc. and its affiliates. Insurance products and services offered by Aon Risk Insurance Services West, Inc., Aon Risk Services Central, Inc., Aon Risk Services Northeast, Inc., Aon Risk Services Southwest, Inc., and Aon Risk Services, Inc. of Florida and their licensed affiliates. Aon UK Limited is authorised and regulated by the Financial Conduct Authority in respect of insurance distribution services. FP.AGRC.238.JJ The following products or services are not regulated by the Financial Conduct Authority:
• Cyber risk services provided by Aon UK Limited and its affiliates
• Cyber security services provided by Stroz Friedberg Limited and its affiliates.