We understand the specialized markets in which you operate and provide tailored solutions to meet your unique business needs.
Our comprehensive suite of business services combines industry expertise, market knowledge and professional insights.
MNP is a leading national accounting, tax and business consulting firm in Canada.
Suite 2000, 330 5th Ave. S.W.
Submit an RFP
MNP careers are Different by Design. As an entrepreneurial firm, we truly believe there are no limits to where your career can go.
As the holiday season nears its peak shopping period, businesses with point-of-sale systems should be on red alert to prevent data breaches. The highly publicized attacks on Home Depot stores, where millions of credit card numbers and PINs were stolen over a period of six months, still reverberate throughout the retail sector.
If a data breach can happen to huge corporations like Home Depot, it’s almost certain it can happen to any enterprise or organization. But a recent court case around the Home Depot breach in Ontario shows how taking responsibility and swift action can make a difference.
When the attack was discovered in September 2014, the corporation acknowledged its systems were “desperately out of date.” It added a remediation plan had been in the works, but the directors had been too slow to implement it.
Two years later, in November 2016, the Ontario Superior Court of Justice approved a settlement agreement in a civil class action against Home Depot, reducing the amount settled on to $400,000 from more than $1 million. The unique approval was due to two primary issues. The judge determined there was no evidence the plaintiffs had suffered fraudulent charges or risked identity theft because of the breach, therefore there were no damages.
The second decisive factor was Home Depot’s response after the data breach, thought to be as a result of a third-party failure. The corporation issued a public response as soon as the attack became evident, contacting customers through emails and offering free credit monitoring and identity theft insurance. Canadian Justice Perell remarked the corporation’s response was “responsible, prompt, generous and exemplary.”
Prevention is better than a cure but having a plan in place to deal with a cyber incursion can mitigate the impact. This is of particular importance as amendments to Canada’s Digital Privacy Act are set to be enacted in 2017, along with hefty fines for non-compliance. Here are four key take-aways from the Home Depot case:
The Home Depot case was in direct contrast to Yahoo, which in mid-December 2016 acknowledged a billion user accounts had been hacked as far back as 2013 and that earlier hacks happened in 2012. The disclosure impacted the $4.8-billion sale of Yahoo’s core business to Verizon Communications, which said it might seek to renegotiate the terms since the scale of the hacking hadn’t been disclosed before the deal was struck.
Big corporations have deep pockets to rebound from data loss and law suits. Does your business?
Related Topics:Cyber Security
Suite 2000, 330 5th Ave. S.W.
Find an office near me