IT Security Stories to Watch: Was Chick-fil-A Breached?

The new year is finally here, and many managed service providers (MSPs) are searching for ways to safeguard their customers against various IT security issues in 2015.

MSPs that want to protect their customers against data breaches, malware and other cyber threats can learn from this week’s IT security newsmakers, which include Chick-fil-A, Android, Steam and the U.S. Department of Veterans Affairs (VA).

Here’s a closer look at each of these IT security newsmakers:

1. Chick-fil-A informs customers about a possible data breach

Chick-fil-A last week said it received reports about “potential unusual activity” involving payment cards that were used at some of its restaurants.

The fast food restaurant chain noted it is working with IT security firms, law enforcement agencies and payment industry officials to evaluate the possible data breach.

“We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so,” Chick-fil-A said in a prepared statement. “If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts – any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring.”

2. Quick Heal: More Android malware than ever before

Android malware has seen a 304x increase between 2011 and 2014, according to Quick Heal Technologies‘ “Annual Threat Report for 2015.”

Also, the antivirus software company found that the number of detected Android malware samples has quadrupled from January 2014 to December 2014, and the rapidly changing IT security landscape has made it difficult for many organizations to manage cyber threats.

“2014 has been an eventful year for Quick Heal and for the IT security world in general. While attackers are continually devising new methods to infiltrate systems and devices, security companies have to be more proactive and alert than ever,” Quick Heal Chief Technology Officer Sanjay Katkar said in a prepared statement. “The threat landscape has drastically changed over the last few years and this makes our job harder and highlights the importance that users and enterprises must pay to channels such as social media, web-based services, cloud portals and more.”

3. Are hackers using Steam to spread malware?

Tom’s Guide last week reported hackers were using PC gaming platform Steam to launch cyber attacks.

British security blogger Graham Cluley pointed out that cybercriminals recently leveraged Steam chat to spread malware that could affect Steam users worldwide.

“If you make the mistake of clicking on the link, and opening the downloaded file, your Windows computer could also become infected and your Steam credentials potentially stolen,” Cluley wrote in a blog post.

4. VA data breach affects 7,000 veterans

The VA recently suffered a data breach due to a third-party vendor that allegedly had been compromised.

Approximately 7,000 veterans could have been exposed as a result of this vendor’s database flaw, HealthITSecurity.com noted.

A VA spokesperson said the vendor has fixed the security problem, but the agency will continue to monitor the situation.

What do you think will be the biggest IT security stories for MSPs this week? Share your thoughts in the Comments section below, via Twitter @dkobialka or email me at [email protected].