NEW YORK (AP) — While the theft of millions of credit card numbers from Target customers last year drew attention to Internet crime, a new study finds that breaches of retail payment systems are less common than other kinds of attacks.
A report from Verizon found that Internet attacks in which data were compromised resulted more often from various small online acts, such people clicking on malicious Web links and choosing easy-to-guess passwords.
The report, considered to be one of the top annual looks at Internet-related crime, includes information from 50 organizations around the world, ranging from law enforcement to security companies. The report was due out Wednesday.
Target Corp.'s breach, one of the largest in history, resulted in the thefts of 40 million credit and debit card numbers, along with the personal information of up to 70 million people. Other companies including fellow retailers Neiman Marcus and Michaels Stores Inc. later announced breaches to their systems as well.
But while such large-scale attacks grab headlines, the number of breaches of payment systems has fallen in recent years. In 2013, there were just 198 recorded breaches of payment systems, representing 14 percent of the year's 1,367 confirmed breaches.
By comparison, data breaches through attacks on Web applications accounted for 490, or 35 percent, and cases of online espionage covered 306 attacks, or 22 percent.
Verizon says its numbers are not comparable with those from previous reports because its research methods and the number of contributors to the report have changed.
Wade Baker, Verizon's managing principal of research and intelligence, said researchers saw a big increase in attacks on smaller retailers a few years ago. But now, he says, it appears that criminals are going after major retailers that handle millions of debit and credit card numbers and leaving the smaller companies alone, even though they are easier to attack.
Continue reading this story on the...