In Focus: Wendy’s, Juniper Networks Latest Data Breach Victims

By Aliah D. Wright Feb 2, 2016

Fast-food retailer Wendy’s Co. and software developer Juniper Networks have become the latest data breach victims, according to news reports.

Several sources in the banking industry reportedly noticed a pattern of fraudulent transactions occuring after credit and debit cards were used at 5,700 Wendy’s locations—mostly in the Midwest. So far, the burger chain does not know how many credit cards were comprised during the breach.

“We began investigating immediately, and the period of time we’re looking at the incidents is late last year,” said Bob Bertini, spokesman for the Dublin, Ohio-based chain.

Wendy’s is working with law enforcement officials, as well as payment industry and cybersecurity experts to figure out the extent of the fraud.

Meanwhile, the FBI is continuing its investigation into the Juniper Networks breach. U.S. officials believe hackers working for a foreign government may have been reading encrypted information from the U.S. government and private companies since 2013.

(Reuters) and (The Wall Street Journal) and (CNN Video)

What Can HR Do?

Data breaches are becoming so common that many worry there may be no way to avoid them.

But there are some steps HR professionals can take.

There have been 5,810 data breaches since 2005 involving more than 842 million records, according to the Identity Theft Resource Center, which began tracking security breaches 11 years ago.

Jim Farrell, senior vice president of products at New Jersey-based Archive Systems, told attendees at an HR technology conference in Vegas last year that HR professionals need to focus on prevention.

“There is a movement in our industry to say, ‘This stuff is going to happen. Don’t try to worry about prevention; worry about how you’re going to respond’ ” to a breach, he said. “Some people are following that model. But, really, it’s important to focus on prevention.”

(SHRM Online)

Make Employees the First Line of Defense

Part of that prevention begins with educating employees—who are often the first line of a company’s defense against data breach. He and other experts offer these tips for HR:

  • Know what you have and who has access to information. Not everyone in your organization should be able to access sensitive materials.
  • Dispose of sensitive information—especially if you don’t need it.
  • Provide your employees cybersecurity awareness training.

That training includes educating employees on what to be wary of when they’re visiting online sites or opening e-mail attachments.

“It’s all about raising awareness,” said Stu Sjouwerman, chief executive officer at KnowBe4, a cybersecurity consulting group in Clearwater, Fla. “More employers are getting the message, and are very interested in what cybersecurity experts have to offer—but sadly these employers are in the minority. I think we really are just getting started and interest will only continue to expand.”

Unfortunately, many employers don’t provide their employees with this kind of training.

As SHRM Online reported earlier this year, 45 percent of in-house counsel said their companies mandate training for employees on cybersecurity and data breach prevention, according to the Association of Corporate Counsel (ACC) Foundation.

(SHRM Online)

Aliah D. Wright is an online editor and manager for SHRM Online.


Job Finder

Find an HR Job Near You
Post a Job


Find the Right Vendor for Your HR Needs

SHRM’s HR Vendor Directory contains over 10,000 companies

Search & Connect