Franchises and chain stores are an easy target for hackers because they share IT systems, according to research from security firm Trustwave.
Trustwave analysed 300 data breaches that took place across 18 countries last year. "Many of these were name-brand, headline making data breaches," Nicholas Percoco, head Trustwave’s security lab, told Information Age.
It found that one third of those breaches affected franchises. According to Precoco, franchises are at particular risk because they use identical IT systems across stores.
Customer records were the primary target for hackers, Trustwave found, and 90% of data breaches targetting card holder data, customer email addresses and personally identifying information
The report also found that just 16% of organisations detected the data breach themselves, with the majority getting first word of the breach through regulatory bodies, law enforcement or the public. When notified by an outside party, the average time between intrusion and detection was 174 days.
One bright spot in the Trustwave report is the improved performance of law enforcement in detecting data breaches and informing victims. One third of the breached organisations had been notified by law enforcement, compared to just 7% in 2010.