Macy’s Reveals Two-Month-Long Data Breach

Macy’s has informed online shoppers of a data breach that lasted nearly two months. The breach affected an unspecified but “small number of our customers,” the retailer revealed in a letter emailed to customers last week.

Macy's cyber threat alert tools detected suspicious login activities on June 11.


Data Breach At Chatbot Service Potentially Affects 100,000 Sears Consumers


UPDATE: Best Buy confirmed in a statement that a number of customers may have had their payment information compromised during the [24] payment breach.

Best Buy has not revealed the number of potential customers affected by the breach, indicating "a small fraction of our overall online customer population could have been caught up in this [24] incident, whether or not they used the chat function."

Sears confirmed that one of its customer support services experienced a security incident in fall 2017 that may have exposed credit card information of nearly 100,000 Sears customers. The incident also affected Delta Airlines consumers.

[24], an AI-powered chatbot platform that provides online support services to Sears and Kmart, notified Sears of the breach in mid-March 2017, the retailer revealed in a blog post. Sears immediately notified the credit card companies to prevent potential fraud, and launched an investigation with federal law enforcement authorities, banking partners and IT security firms.


Data Breach Hits 150 Million Under Armour Health App Accounts

MyFitnessPal, the diet and exercise app of Under Armour, was hit by a data breach that affected approximately 150 million accounts, according to CNBC. Compromised information may include user names, email addresses and encrypted passwords but not payment data, which Under Armour processes separately.

User data was accessed in February and Under Armour became aware of the breach March 25. The sports apparel retailer took steps to notify affected customers and is working with data security firms and law enforcement to support the investigation. Additionally, Under Armour is monitoring for further suspicious activity and has started improving its systems for detecting and preventing unauthorized access, according to Reuters.


Stop Whining About Data Security And Start Innovating

0aJim Morris DSAGWhen Ron Shevlin asked former Walmart CEO Lee Scott at a BAI Retail Delivery Conference if Scott thought the multi-retailer payments organization Merchant Customer Exchange (MCX) would succeed, Scott is reported to have replied, “I don’t know that it will, and I don’t care. As long as Visa suffers.”

Mr. Scott’s comment underscores the fact that there is no love lost between Walmart and Visa: the latest eruption happened in July 2016, when Walmart Canada phased out use of Visa cards, claiming interchange fees were too high. Couple this with years of antitrust lawsuits, data-breach lawsuits, FTC enforcement of data security standards, etc., and it is easy to see why the payments industry is in chaos today — especially related to fraud and data security.


#RSP16 Webinar Series Delivers Strategy And Planning Insights

The #RSP16 Retail Strategy & Planning webinar series offers a concentrated burst of information, insights and best practices for retail decision-makers. Over four days, from Sept. 19-22, Retail TouchPoints will present seven webinars on some of the industry's hottest topics, including:

• Using location data to boost business results;

• Harnessing distributed analytics to drive revenue, CX and supply chain excellence;

• Building an "advocate army"; and

Safeguarding your e-Commerce business from the ravages of data-scraping "bots".


MICROS Data Breach Could Involve Russian Cybercriminals

Computer systems at MICROS, a division of Oracle, have suffered a data breach that also has compromised a customer support portal for its MICROS point-of-sale credit card payment systems, according to a report in KrebsOnSecurity.

Oracle, which purchased MICROS in 2014, has confirmed that it is investigating a breach at the POS division. In an email to ZDNet, the company said it had "detected and addressed malicious code in certain legacy MICROS systems," but that Oracle's own systems, corporate network, cloud and other services were not affected. The company also noted that payment card data is encrypted both at rest and transit in MICROS-hosted environments.


Brexit's Retail Impact: The Sky Is Falling! (Or Is It?)

One thing is clear about the impact of Brexit on retailers and consumers: nothing is very clear about the impact of Brexit on retailers and consumers. Yes, there have been immediate effects from the June 23 UK vote to leave the European Union (EU), but most of these have been the result of the nosedive that the British pound has taken relative to other world currencies.

So while economists and pundits are full of predictions, many of them dire, it's important to remember that at this point the effects are more psychological than concrete. The actual shape and scope of the Brexit is unlikely to be known for at least two years, not least because the UK has not even formally filed for its "divorce." British Prime Minister David Cameron, who has said he will resign in October 2016, will leave the invocation of Article 50, which starts the Brexit process, to his successor.


Three Questions To Answer When Balancing Personalization With Data Security

0btmWould you trade your personal data for a more customized retail shopping experience? More and more consumers are saying yes. In a study this year by and the research firm Bovitz, more than 70% of Millennials are somewhat or very interested in personalized offers and willing to trade information about themselves to get them.

This is good news for retailers that want a better understanding of their customer base in order to shape a personalized shopping experience. Yet consumers’ willingness to give you details of their data — beyond basic contact information — goes hand-in-hand with the expectation that you’ll do everything in your power to safeguard it.


Despite Security Concerns, 49% Of Retailers Lack End-To-End Encryption Protections

Although data security measures should be a major priority in the wake of the numerous large-scale data breaches that have occurred at retailers including Target, The Home Depot and Michaels, many retailers still haven’t taken every effort possible to beef up their payment systems' protections.

Only half (49%) of retailers have implemented end-to-end encryption (E2EE) into their payment security plan, while 35% have implemented tokenization of payment data, according to a report from Boston Retail Partners.


Heartland, Smart Card Alliance Team Up To Improve Data Security

1heartlandsmartcardPayment processor Heartland Payment Systems is working with the Smart Card Alliance, a non-profit, multi-industry association that works to streamline smart card technology, to launch the National Center for Advanced Payments and Identity Security. The center is designed to help protect consumer privacy and accelerate the data security of payments and identity, by offering education on industry best practices and advances in security technology.

Subscribe to this RSS feed