Third-Party Access Vulnerabilities Cause 1/3 of Retail Breaches

November 18, 2014//Ellen Neveux

Last Updated: May 30, 2018

A new study released today shows that 33% of data breaches in the retail space were due to third-party vendor access vulnerabilities.

The research comes from BitSight Technologies, who reviewed data from 300 major US retailers for a period of one year, starting November 1, 2013 through November 1, 2014. The results highlight the best practices debate on third-party vendor access management.

Retailers utilize technology and products from hundreds to thousands of partners around the world; each partner often requires access to a retailer’s network when support is needed. Therefore, enterprises need a secure method for remote support.

Previous approaches include VPNs or desktop sharing tools, making data systems susceptible to cyber strikes. Hackers have exploited vulnerable VPN credentials to launch network attacks. Notably, compromised third-party credentials caused the recent breaches of Target, Home Depot, Jimmy Johns, Dairy Queen and Goodwill.

With a growing number of cyber-attacks originating from third-party vendor access, CIOs and CISOs are pressed to find effective methods for proper vendor credential management.

Request a demo to see how you can take control of your third-party vendor access.

Subscribe to the SecureLink Blog.
close close