"You Just Feel Like a Sitting Duck”
How One Step Secure IT Helped This Business Move Past A Cyber Attack
Chatham T Co.
Sandy Wycoff opened her retail business, Chatham T Co., on Memorial Day weekend of 1979, in the seaside resort town of Chatham, Massachusetts. Today, Chatham T Co. operates three storefronts on Main Street — Chatham Clothing Bar, Chatham Kids, and Chatham Clothing Co. The Northeastern retail stores sell clothing and accessories for everyone, from infants to adults.
“We just thought we were sitting pretty,”
...Wycoff said until she found out the hard way that her business was not as safe as she had originally thought.
What Happened?
It was a day like any other at the seaside clothing store when Sandy’s bookkeeper received an email from a vendor asking for payment. In the same manner, she had done countless times before, she emailed Wycoff to ask for payment approval.
The bookkeeper got a response from Wycoff via email saying, “yes, go ahead and make the payment.”
Nothing seemed out of the ordinary.
The bookkeeper paid the vendor via wire transfer, as she usually did without issue. She then received an email from the vendor saying the wire didn't go through.
“Could you send the payment again?” the email read.
Before sending the payment for a second time, she decided to check in with Wycoff. There normally weren’t any issues when sending wire transfers to vendors.
“She picked up the phone, and she called me and said ‘do you want me to send this wire transfer again?’ and I said, ‘I don’t know what you’re talking about,’” Wycoff recalled.
The panic kicked in. Who did the bookkeeper send the money to?
Fraudsters targeted the bookkeeper with phishing emails. She received fake emails from a “vendor” she trusted. The same cyber criminals sent the emails from Wycoff’s email address. She had been hacked. This was a well-planned cyber attack, and the bookkeeper had fallen victim.
Wycoff contacted the bank and found there was nothing they could do to get the money back since it was an authorized transaction. The bank tried to trace the wire transfer back to the “vendor’s” account, but it did not exist anymore.
Thousands of dollars. Gone.
Now Wycoff knows the hackers had been inside of the Chatham T Co. system — watching. They observed how Wycoff conducted business, how she communicated with her employees, and how she paid her vendors. And they used that information to trick her employee and steal thousands of dollars from her business.
What Did Chatham T Co. Do Next?
After Wycoff called her bank in a panic, she thought about her business’ general liability insurance policy, but her policy didn't cover the cyber attack, leaving her holding the bag.
In today’s world of cyber crime, businesses need not only a business insurance policy, but a Cyber Liability Insurance (CLI) policy as well to cover losses caused by cyber attacks. Without CLI, the business is fully responsible for the consequences of a cyber attack.
Because of the rise in cyber attacks in recent years, Cyber Liability policies have stricter guidelines, and businesses must meet more requirements in order to qualify for coverage.
“What we learned is that even if you have insurance, if you don’t check the boxes that the insurance company requires, then you aren’t covered,” Wycoff said.
“It’s a little bit of a racket.”
Unfortunately, the damages of cyber attacks go beyond monetary. Businesses can experience customer loss, reputational damage, and data loss — all affecting profits.
The entire experience of being hacked, Wycoff said, was scary, absurd, and really invasive. It’s almost worse than having someone break into your home, she said.
The phishing attack pushed her to recognize the need to protect her systems with One Step’s cybersecurity services. Wycoff decided it was time to take her business’ cybersecurity seriously.
Because Wycoff had been a One Step customer for over six years, she trusted One Step's reputation for quality services. The long-term working relationship made choosing One Step Secure IT a simple decision. She knew One Step could help her maneuver the world of cybersecurity.
How Did One Step Secure IT Help?
After One Step Secure IT assessed her systems and vulnerabilities were inevitably found, One Step’s IT team worked with her to secure the gaps.
Wycoff knew she needed a Cyber Liability Policy, and One Step Secure IT was there to help. The One Step team helped her acquire a policy and navigate the complex compliance process while simultaneously securing her systems.
One Step Secure IT implemented a strong multi-layered cybersecurity strategy and conducts regular scans to maintain the safety of the Chatham T Co. systems. Wycoff’s staff undergoes ongoing Employee Awareness Training, so if a phishing email makes it through their spam filter, her employees have the tools to identify it.
In addition, Wycoff has access to a One Step IT and cybersecurity expert with whom she can meet to discuss any concerns.
“I think the advantage is really having someone help us understand and work through all the holes in our system and how we plug them because prior to that, you just feel like a sitting duck and you have no idea what to do to stop the hackers,” Wycoff said.
The Frightening Truth is...
Wycoff’s situation is not uncommon, and small businesses are being targeted and attacked every day.
Keep in mind…
- Cyber attacks are happening every 39 seconds
- 503 US businesses get hit with a cyber attack every week
- 83% of companies are not financially prepared to recover from a cyber attack
“I think you don’t hear a lot about small businesses being hacked because they’re embarrassed. Not only that — if you are hacked, you really can’t find the person who’s doing it. All you can do is protect yourself,” Wycoff said.
Chatham T Co. survived the cyber attack and is still in business today, but that is not always the case. A startling 60% of companies go out of business after a cyber attack. Chatham T Co. is one of the lucky ones.
Chatham T Co. Today
Experiencing a cyber attack firsthand opened Wycoff’s eyes to the dangers that lurk behind computer screens.
She now takes the precautions and invests in her business's cybersecurity. Although she knows that there are no guarantees against future attacks, she now has Cyber Liability Insurance and works together with One Step Secure IT’s cybersecurity experts to protect her business.
Chatham T Co. and One Step Secure IT work as partners in the pursuit of keeping the business’ systems safe.
Chatham T Co. Operations Manager Emma Carroll works closely with the One Step Secure IT professionals. She found that one of the most obvious advantages of working with One Step is their knowledge of point of sale systems and the ease of implementing their cybersecurity strategy.
Having a direct contact to help her through IT issues gives Carroll peace of mind, she said.
“I feel like we are top of the list, and I can always get a response, which is reassuring for me because I can troubleshoot some things, but I'm not an IT person. So to have One Step in my back pocket, for me, helps me do my job better,” Carroll said.
The tactics of cyber criminals are always evolving and no business can be 100% safe from their advanced attacks, but Wycoff and Carroll take comfort in knowing they are doing what they can to protect Chatham T Co.
Wycoff knows One Step does everything possible to keep her systems safe. If a breach occurs, One Step cybersecurity experts work to remediate the damage according to mandated regulations while maintaining business continuity with minimal downtime or disruptions.
One’s Step guides Chatham T Co through various IT and cybersecurity issues that arise.
Recently, a Chatham T Co location suffered a water break in the store. There was a fair amount of water damage, Carroll said, and they lost power for some time.
“Fortunately, the computer system was fine but before we got the power back up and running, I called my main One Step contact, and said ‘what do I do if I can’t get this up and running?’”
One Step’s Managed IT expert walked her through the steps of how to best turn on the store’s systems and make sure everything was in working order.
“He reassured me that all of our data was backed up in the event that we lost all of our hardware — it all could be replaced and our information wouldn't be gone,” Carroll said. “I think for me, being able to pick up the phone and just call is a huge piece of it.”
Since Chatham T Co. started working with One Step Secure IT, Wycoff’s business is more secure, no matter what curveball life throws at them.
Confident that your business can recover from a ransomware attack?
If the answer is anything other than yes, it's time to schedule an IT Threat Assessment with One Step Secure IT.
When your assessment is complete, you will know for sure if your company’s data is truly secured from cyber threats, where you are partially or totally exposed, and how you can improve your employees’ security, performance, and productivity.
It never hurts to have an independent third party review your security posture. Schedule your IT Threat Assessment today!