For most retailers credit cards are the primary form of the payments that they receive. Accepting credit cards, however, carries significant data security risks and potential legal liability. In addition to the normal repercussions of a data security breach – i.e., reputation damage, the risk of  class action litigation, and the risk of a regulatory investigation – if a retailer’s credit card system is compromised the retailer may be contractually liable to its payment processor, it’s merchant bank, and ultimately the payment card brands (e.g., VISA, MasterCard, and American Express). In many cases that contractual liability surpasses any other financial obligation that arises from the breach.

The following provides an overview of credit card data breaches:

Click here to view the table.

Factors retailers should consider when preparing to respond to a credit card data breach:

Click here to view the table.