According to Insurance Journal, the Target breach has revealed significant vulnerabilities inherent to the retail industry as a whole. Although most retail shops do not store sensitive credit or debit information in large data warehouses like their online counterparts, the brick and mortar shops’ point of sale (POS) software and hardware is still vulnerable to cyber breaches. POS software and hardware can include anything used by retailers to process client payment information, such as cash registers or credit card readers.
The hackers responsible for carrying out the Target breach targeted the chain’s POS system by installing malware known as “Black POS” to record clients’ credit and debit information, while remaining undetectable by virus scanning software. The Target hack exposed over 40 million credit and debit cards, and has cost Target over $250 million thus far.
Although Target did have insurance coverage protecting them against a cyber attack, their policy only covered approximately $90-$100 million worth of damages and did not anticipate the magnitude and cost of a POS cyber hack. Michael Palotay, senior vice president at California-based NAS Insurance, believes “it’s important as an agent talking to a retail insured to have an understanding of how much they could potentially lose, because that drives the conversation about limits needed and a conversation about how much exposure they’re willing to self-insure.”