I have no idea if their coffee is any good, but Bulletproof Coffee’s infosecurity may seem like it’s…. wait… what’s the opposite of “bulletproof?”
Eduard Kovacs of Security Week recaps a series of payment card breach notifications the Washington-based coffee firm has had to issue in the past year as it discovered that previous estimates of compromise underestimated the length of the compromise and the firm’s ability to lock the attackers out.
And that’s with working with three firms to investigate. Can most small to medium-sized firms afford to hire three firms to investigate and remediate a breach? Probably not. But then again, can most firms afford to have their payment card system compromised for a full year? How much churn will the firm suffer as word spreads that their online system was compromised like that? Or will customers shrug and say, “It happens to all companies”?