The Federal Bureau of Investigation has issued a formal warning to U.S. retailers to expect more data breaches to affect their businesses this year, Reuters reported.
The warning came after the FBI discovered 20 cyberattack cases in 2013 that were all caused by the same type of malicious software, which infects retailers' point-of-sale systems. The software was responsible for Target's breach during the holiday season, which compromised 40 million customers' credit and debit card information.
According to Reuters, the FBI sent a confidential three-page report to retailers last week saying that "POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it." The report says that the risks are greater in 2014 because of the increased "accessibility of the malware on underground forums, the affordability of the software, and the huge potential profits to be made from retail POS systems in the United States," Reuters reports.
Businesses have a hard time protecting their customers' data because the malware is constantly being upgraded to make it less detectable. Small-to-mid-sized businesses are at the greatest risk because they do not have the budget for sophisticated security to protect their POS systems, one security expert told Reuters. The FBI report estimated that affected small businesses have each suffered losses in the range of tens of thousands to millions of dollars.
According to USA Today, 2013 was the worst year for data breaches on record, with hackers stealing more than 740 million records. The Online Trust Alliance, a nonprofit group that promotes safe e-commerce, calls that number "conservative," but says that about 89 percent of the data breaches were avoidable had basic security measures been enforced, USA Today reports.