Report: 63 percent of businesses have lapses in storing consumer data

CHICAGO -- After closing out a year in which major retailers, including Target, Home Depot and Jewel Osco, reported data breaches of customers' personal and financial information, 2015 began with Chick-Fil-A reporting yet another possible hacker attack.

The chain has not detailed the extent of the possible breach, or the number and locations of restaurants that are involved, but they have hired cyber security experts to investigate.

Meanwhile, a report has uncovered serious concerns about how businesses protect your data.

It seemed just about everyone received an email or letter in 2014 saying credit card information might have been exposed by a data breach.

Chicago-based information security company Trustwave, which works to help businesses protect customers' data, recently released its 2014 global security report and found that while 81 percent of businesses store customers' personal information, 63 percent of businesses don't have a "mature method" to control and track sensitive data.

"Everyone knows that data breaches are now on the map," says Trustwave's Abby Ross. "There are still serious security weaknesses businesses are facing and they are still not doing enough to remediate those weaknesses."

The study shows that one-third of businesses are not identifying where valuable data lives and moves.

"If businesses do not know where their valuable data is," Ross says, "how are they supposed to protect it?"

Many businesses also don't have enough manpower to manage important equipment.

"Our security testers have gone into environments where they see security technologies that companies pay all that money for sitting on the shelf in the package never deployed or installed," Ross says.

There are steps employees and consumers can take to minimize their risk of a data breach, including:

- Use passphrases or sentences instead of a password

- Change all passwords and passphrases regularly

- Set up Two-Factor Authentication, which adds another layer of protection, for all eligible accounts including banking website, social media and email.

- Don't click on unknown or mysterious links in emails or on social media

"These things keep coming," says Chan Tran of cyber security firm Rippleshot. "You will hear more and more of them in the future. You can have the best security system in the world at your house, but if your 13 year old son leaves the garage door open on your way to school you will be breached."

"Business still have serious security deficiencies," says Ross, "and they need to be doing more making security a business as usual imperative from the top down "

Consumer should also regularly check bank accounts and credit card statements online. Some experts also advise that, when shopping, consumers stick to credit cards and cash, and stay away from debit cards linked to checking accounts.

Chip and PIN technology in credit cards is expected to help reduce data breaches in 2015, but most experts expect hackers to find a way in the future to beat that system as well.

For another tool to fight hacking, Trustwave is offering free secure browsing that can be downloaded from their website. The free browser plug-in displays security icons next o links on search engines such as Google and Bing, in web-based email like Gmail and Yahoo and on social networking sites like Facebook, Twitter and LinkedIn.

You can download Trustwave SecureBrowsing here.