"I would recommend people follow general security recommendations," Yampolskiy said. In addition to ensuring strong password and PIN policies companies should also ensure their critical systems are properly patched.

"Closely monitor access to critical systems, and implement log aggregation to monitor their access," he said. "Consider installing host-intrusion detection systems on critical servers which use machine learning algorithms to differentiate good software from the bad unknown ."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at or subscribe to . His e-mail address is .

in Computerworld's Data Security Topic Center.