Online retailers will need to take proactive measures in 2015 to prevent customers’ personal data from being compromised, according to Symantec’s 2015 Internet Security Threat Report.

The report from the U.S. internet security firm breaks down the threats and vulnerabilities of the past year, and offers a preview of the cyber threats that the coming year may bring.

Between 2013 and 2014 the number of large data breaches involving more than 10 million records dropped, but the total number of breaches doubled between 2012 and 2014 to 312. The health care sector reported the most breaches in 2014, accounting for 37 percent of all incidents, perhaps a result of the tremendous amount of health information its members collect.

Retail ranked second in breaches, making up 11 percent of the total, but accounted for a stunning 59 percent of exposed identities. That’s a number that will probably increase as online retail makes up a larger portion of total sales, and vulnerabilities surface in the ecommerce software that makes those sales possible. Retailers should be vigilant, and employ basic safeguards to improve security and protect customers’ personal and financial data.

Here are some common security gaps to address:

  • “Wait, I didn’t mean to buy that.” Confirming transactions reduces inadvertent online and app purchases made through an online store or app. Consider requiring customers to enter their password before completing a transaction.
  • Can I get a receipt?” Automatically provide customers with SMS or E-mail receipts, immediately after they purchase a product or service. It helps customers track their purchases and quickly identify fraud by calling attention to unauthorized purchases.
  • “Password” is not a good password. Require customers to set strong passwords to plug a common cybersecurity gap that can open the door to hackers. A business can’t prevent users from recycling passwords, but it can dictate their content and complexity. Set a minimum number of characters, require uppercase and lowercase letters, numbers, and special characters and require updates.
  • “But we’ve never had a breach.” Don’t relax. Apply best practices and keep abreast of emerging threats to protect your online storefront and your customers’ personal data. Track hackers’ efforts to steal personal data, patch vulnerabilities and employ recommended encryption.

Fox Rothschild attorneys know protecting customers’ personal information is critical. For more information, please contact the author, a member of the Privacy & Data Security practice, or your Fox Rothschild attorney.