Why are Cyberattackers Targetting Loyalty Programs?
Cyberattackers have recently taken an interest in hacking company loyalty programs. This was illustrated by a recent data breach in Marriott, which affected over 500 million customers. The guests that were affected were a part of the organization’s Starwood Preferred Guest loyalty program, which is a joint program by Marriott and Starwood Hotels and Resorts. A total of 327 million accounts are believed to have been compromised as a result of the incident.
Why loyalty programs?
Loyalty programs are often large financial aspects for companies, being billion-dollar industries. Therefore naturally they become prime targets for cyberattackers. It was reported that in the above incident, over 100 000 loyalty points were stolen. Furthermore, it was reported that there are other stolen products available on a platform called Dreammarket, including Delta Skymile loyalty points.
While people are extremely vigilant in protecting their credit card data, they often do not use as much care in protecting their loyalty points. A survey completed by Connexions Loyalty found that many customers do not regularly check their loyalty accounts, and that 1 in 10 user have not actually logged on to their accounts at all. This creates a very appealing target for cyberattackers.
Furthermore, the same carelessness extends to the passwords and usernames that people use on their loyalty accounts, which are often recycled from different accounts. This makes it even easier for cyberattackers to prey on these accounts. A study carried out by Creditcards.com on 27 loyalty programs found that the security of 50% of the companies used a 4 digit pin, or passwords with 6 characters or less. Also only 1/3 of these offered two-factor authentication.
This negligence is not only limited to the customers. Companies often do not protect the loyalty accounts of their customers with the same level of diligence as they use for credit card information.
Don’t fall victim to cyberattack. Contact us today at 888 366 4443 to protect your organization’s loyalty program. You can learn more about our security services here.