2022-12-22
Technology news

Cyber Security Dilemmas: Data Leaks

Jakub Jakubowicz

CTO & Co-Founder


The pre-Christmas rush is in full swing. In search of gifts for their loved ones, people are increasingly willing to “storm” online shops.

Christmas is not only harvest time for the retail industry, but also prime time for cybercriminals. It is at this time of year that hacking attacks aimed at theft or phishing are on the rise. This poses a problem not only for consumers, but also for companies, for whom data leaks mean financial losses and damage to their reputation. The post-Christmas period is a perfect time to reflect on how companies can protect themselves against data leaks.

  • Customer safety is part of building trust in the brand
  • How to protect your data online while shopping
  • Application and infrastructure monitoring as a way to protect against data leakage
  • Leakage of customer data – to report or not to report?
  • How do you communicate data leakage to your customers?

Safe shopping in the battle for customers

Recent years in e-commerce have been a technological “arms race” for every customer. Today, we are not simply shopping online; we are offered a personalised shopping experience. This is meant to make it easier for us to complete our shopping basket and to encourage us to return to the site in the future.

An important part of the aforementioned positive shopping experience is building trust in a brand. Part of that trust is ensuring our customers have a safe online shopping experience. We can do this by educating users about hacking threats and by investing in tools and technologies that protect against cyber-attacks.

How can customers protect their data?

According to the study “Reliability of online shops” commissioned by ChronPESEL.pl and Rzetelna Firma, one in four respondents has heard of a leak of customers' personal data from a shop they used. On the other hand, 6 percent of online shoppers declared that their data had actually been made available to unauthorised persons. Based on e-commerce statistics on the number of online shoppers, this means more than 1.3 million people have had to deal with such a situation.

What should we remind our customers of so that they feel safe during the pre-Christmas shopping frenzy in online shops?

Firstly, let’s draw the attention of our website users to fake e-shops, especially those impersonating other sites. The warning light should go on when the offers on a particular e-store are unrealistically attractive or when the site itself looks suspicious.

Secondly, let us educate our customers about phishing attacks. The pre-Christmas period is a rush of attempts to extract confidential data through emails, phone calls and text messages with information about supposedly unfinished shopping transactions or unpaid courier shipments. Caution customers against clicking on suspicious links sent by email or phone and against giving out personal or confidential information during phone calls. Encourage secure payments based on two-step authentication of transactions.

How do we protect our customers’ data?

Educating customers is one thing but keeping them safe on our website is a separate issue. In this age of increased cybercriminal activity, we should be prepared for hacking attacks and their consequences. How? It is worth introducing an early threat detection policy in your company, monitoring the performance and security of your business applications and infrastructure.

At The Codest, we provide continuous monitoring services for the performance as well as the security of IT systems based on the client’s own or cloud-based infrastructure (or both at the same time).

This monitoring service focuses on the performance of the systems in operation in terms of throughput, as well as on the quality of integration of connected IT systems. This includes such important aspects of e-commerce as payment gateways, shipping systems and connected CRM and ERP systems.

A crucial element in protecting against data leakage is testing the production environment, i.e., the one available to the end customer, for cyberattack threats. Periodic testing is designed to catch potential vulnerabilities in systems and allow them to be fixed before an incident occurs. Every change and update in the IT area is tested before it is published in order to catch errors.

The service in question is provided 24/7 by the DevOps team, which combines the programming and operations sections, so that both programming and administrative competencies go into ensuring the performance and security of customers’ business applications.


Leakage of customer data – what does the law say?

Prior to the GDPR era, informing about data leaks was optional for the controller, regardless of the scale of the threat. Nowadays, if the disclosure of data is likely to cause an elevated risk of infringement of the rights and freedoms of the affected persons, the controller is obliged to inform these persons about the data leak or theft. We must also report this to the Data Protection Authority. Here, however, several questions arise.

Firstly, it is up to the controller to interpret whether a data leakage constitutes a minor incident (about which users do not need to be informed) or already a personal data breach. Secondly, there are several grounds listed in the GDPR under which we do not need to inform users that their data has been leaked.

Many companies are therefore faced with the dilemma of what to do when their customer data has seen the light of day. From The Codest’s perspective, in the vast majority of cases we should inform the customers of such an event. This is what building brand trust is all about.

How to communicate data leakage to your customers?

The milk has spilled. We have fallen victim to a data leak. What should we do next? First of all, we should have an action strategy in place. On the one hand, this must include operational measures, i.e., countermeasures to minimise the effects of the leak. On the other hand, you should maintain transparent, ongoing communication with customers about the leak. This will help you avoid or limit the escalation of a potential image crisis and loss of customer confidence.

According to another survey commissioned by ChronPESEL.pl together with the National Debt Register, people who have fallen victim to a leak expect to be informed as soon as possible that a breach of data protection has occurred and what its extent is (about 60 percent of answers). In addition, respondents want information on what the controller did to avoid similar situations in the future (close to 57 percent), as well as to whom the leaked data could have gone (over 53 percent). The last thing we want is for them to find out about data leaks from the media or their anti-virus software. We need to give them the chance to take care and “protect” their identities.

What are the golden rules of communication when faced with a data leak? First of all, let’s inform our customers about the incident. Let us show that the situation is under control and that we are consciously managing it. Outline what we are doing to minimise the negative effects of the leak. Finally, explain what measures we plan to implement to prevent a similar situation in the future.

Protect the data, protect the customer

According to the “E-commerce in Poland” report compiled by Gemius, 77 percent of all Internet users already shop online. One in three respondents admit that they do so more often now than before the pandemic. A similar percentage notes that they purchase more products online after the pandemic. The e-commerce market itself is also growing at an extremely fast pace. This translates into more cyber-attacks on the personal data of online users. It is worth thinking about this especially before Christmas, treating an investment in security to protect our user databases as the best practical Christmas present we can give our customers.
