Last week, all the San Francisco Bay News Feeds were buzzing with the following story:
East Bay Gangs Work Together For Scam
Street gangs indicted for hacking Bay Area medical, dental offices
According to ABC7News:
Investigators say the suspects hit dozens of businesses including many medical and dental offices in 11 Northern California counties over a period of two years. Officials say the locations include businesses in Antioch, Pittsburg, Vacaville, Stockton, Modesto, Hayward, Hercules, Pleasant Hill, Fairfield, Sacramento, Walnut Creek, Rocklin, Concord, Kentfield, Roseville, Vallejo, Pleasanton, Livermore, Auburn, Napa, Dublin, Santa Clara, Brentwood and San Rafael.
What these guys were doing was breaking into smaller private practices and stealing their credit card machines. Seems weird, right? Not really. Even if you have a chip card reader and the receipts only print the last four numbers of the credit card processed, the device still has all the information stored in it. The bad guys were authorizing refunds, but instead of putting it back in the account of your patient, they were putting it on a card in their hand -- meaning they stole money from you.
You may not be able to prevent this from happening, but you can certainly deter it. If you've been to any hospital lately, you'll notice that all of their credit card machines have a steel cable attached to them. All ACS clients should recognize this since we put them on all servers and most workstations. This high-grade steel cable locks the device in place to avoid thefts for this purpose.
For far too long small practices have used the excuse that because they are small, no one will go after them. The opposite is true - you are easier to victimize because you assume that no one will target you and therefore avoid spending money on security. One East Bay sheriff was quoted as saying that stricter laws and enforcement should be put in place for small businesses that ignore security basics. This should be your wake-up call to take action now.