Page 31 - GS171202

P. 31

CoverStory

He noted that financing activity in the payments sector numbers of at least 57 million Uber drivers and customers.
has also remained vigorous with $4.5 billion invested in Uber further admitted that it paid said hackers $100,000 to
275 transactions year-to-date; 99 of them originated in the destroy the data exploited and to keep the breach secret.
U.S. region. Following are additional transaction insights Within hours of these public disclosures, a lawsuit was
gleaned from FT Partners and from industry sources. filed against Uber in Los Angeles federal court. Five state
attorneys general subsequently opened investigations,
2017 payments industry finance, M&A activity and multiple class-action lawsuits have since been filed in
highlights summary timeline this case.

Jan. EVO Payments International acquires Sterling Payment Technologies Other high profile companies reporting data breaches
Green Dot Corp. enters agreement to acquire UniRush LLC included Deloitte, Dun & Bradstreet Inc. and TIO
Feb. TSYS Inc. makes $70 million investment in Central Payment Networks. Several restaurant chains detected system
May Cayan LLC acquires Card Payment Services LLC breaches, among them Arby's, Chipotle and Sonic. In
ControlScan Inc. enters merger agreement with EchoStat Inc. each of these cases, breach investigations and public
Electronic Payments Inc. acquires MobileNosh notifications were executed in compliance with legal and
June AvidXchange Inc. raises $300 million for automated B2B billpay system regulatory frameworks.
GTCR enters agreement to acquire Sage Payment Solutions Inc. Fraud attempts from Black Friday through Cyber Monday
July First Data Corp. acquires CardConnect Corp. rose sharply this year. Kount Inc. tracked a 206.37 percent
North American Bancard Holdings LLC acquires Total Merchant Services increase in such attacks on businesses year-over-year for
Inc. the peak holiday shopping weekend, which saw a 26.09
Aug. Blackhawk Network Inc. acquires CashStar Inc. percent increase in ecommerce sales, according to Kount.
BluePay Processing LLC acquires Security Card Services LLC
Vantiv Inc., Worldpay Group plc agree on terms to merge Worldpay with As of early December, 172,432,587 records had been
Vantiv exposed in 1,222 data breaches for the year, according to
Oct. Fintrax Group Holdings Ltd. enters agreement to acquire Planet Payment the Identity Theft Resource Center, which tracks U.S. data
breach incidents in seven categories. The highest number
Inc. of incidents were reported in business, with 628 incidents;
Nov. Thoma Bravo Inc. enters agreement to acquire ABC Financial Services Inc. and medical/healthcare, with 343 incidents.
USA Technologies Inc. acquires Cantaloupe Systems Inc.
Dec. JP Morgan Chase & Co. acquires WePay On average, companies globally reported 130 breach
attempts in 2017, 27.4 percent more than last year, and
Source: FT Partners, 2017 Payments Insights: Financing and M&A Statistics; nearly double the number reported five years ago, based
industry sources on annual global surveys of security and IT professionals
Unforgettable year for breaches conducted by the Ponemon Institute LLC. In its latest
survey, malware and web-based attacks were cited as the
Equifax is the poster child for data breaches in 2017, a year most costly to organizations, averaging $2.4 million and $2
that is likely one for the record books for volume of sen- million per incident, respectively.
sitive personal data exposed and subsequent failure to
release timely public disclosures. A forensics team con- Cybercrime costs to organizations impacted 2017(in 2016(in
firmed in October an Equifax breach, first disclosed on millions) millions)
Sept. 7, 2017, exposed the personal data of 145.5 million
Americans, 8,000 Canadians and an undetermined num- Average cost of cybercrime per organization, $11.7 $9.5
ber of individuals in the United Kingdom. globally
Average cost of cybercrime per organization, U.S. $21.22 $17.36
From May 13 to July 30, 2017, the exploit involved a known Average annualized breach cost per retailer $9.3 $7.12
vulnerability in open-source software used by Equifax
for which a patch was issued in March 2017. The type of Average annualized breach cost per financial $18.28 $16.53
data exposed poses an indefinite security and identity risk services firm
threat to consumers, whose Social Security, birth date, ad- Source: Ponemon Institute LLC, 2017 Cost of Cybercrime Study and 2016 Cost
dress, driver's license and credit card numbers, and cer- of Cybercrime Study
tain dispute documents were compromised.
Omnichannel not there yet
Also on the hot seat was Uber Technologies Inc., which
in November admitted it concealed an October 2016 data Despite market availability of omnichannel commerce
breach, a clear violation of multistate data breach notifica- solutions, a large percentage of small and midsize
tion laws. During the breach, hackers gained access to the businesses (SMBs) have yet to embrace them. In November,
names, email addresses, phone numbers and license plate Cayan LLC released results of a survey in which it asked

26 27 28 29 30 31 32 33 34 35 36