The most important lesson to learn from the Kathmandu data breach

It is, sadly, a news story all too familiar these days, and adventure apparel and equipment retailer Kathmandu is just the latest to disclose that it has suffered a data breach this year. According to its statement provided to the Australian Securities Exchange, Kathmandu recently became aware that “an unidentified third party gained unauthorised access to the Kathmandu web platform … between 8th January 2019 and 12th February 2019” – the peak post-holiday sales period.

Due to the nature of the access, Kathmandu has advised that the unauthorised individual/s could have captured payment details and personal information entered at the time of check-out. Specifically, the information accessed included customers’ billing/shipping name, address, email, and phone number, as well as the credit or debit card details they used for their order. If their ‘Summit Club’ (Kathmandu’s loyalty program) details or any special instructions for their order were entered during check-out, these too could now be compromised.

Kathmandu has already taken steps to contact all affected customers to reset their Summit Club passwords and has set up a help line to assist concerned customers, and banks have begun blocking and re-issuing credit/debit cards where they have been notified that one of their cards was involved in the breach. The key takeaway from this incident, however, is exactly how the criminals gained access in the first place.

Like many organisations quick to adopt technology that will help their business succeed in an increasingly competitive marketplace, Kathmandu put a lot of focus on getting its online store up and running, functional, and easy to use, but not a lot of effort was then put into keeping those systems secure and up to date. All of this could have been avoided with a very simple patch from the vendor of their e-commerce platform.

In business, it is all too easy to spend the bulk of your time and money in the lead-up to implementing new technologies, and then give little to no thought to updating, securing, and maintaining these systems in an increasingly insecure world where personal and financial information obtained illegally can easily be sold off to the highest bidder.

Information technology systems can no longer be viewed as the ‘set and forget’ they once were – proactive maintenance with security in mind is the only thing that can prevent you and your online systems from becoming the next casualty like Kathmandu.

If you are worried about the security or other proactive maintenance needed for your business systems, please contact the Altitude Innovations Team without delay.