Data Security

Walgreens announced on Friday that it inadvertently exposed personal messages stored on its messaging app due to an internal error. On Jan. 15, officials said they first discovered an error in Walgreens’ personal secure messaging features and launched an investigation. They found a data compromise, which allowed personal messages stored on its database to be viewable by other customers.…

Most retailers keep on hand troves of customer financials that, in the age of data-as-an-asset, are the modern equivalent of Fort Knox. The problem is that many retailers still fail to implement Fort Knox-worthy security measures, and they pay dearly for their shortcomings. The State of Cybersecurity in E-Commerce The persistence of data thieves remains…

Online sales and direct-to-consumer (D-to-C) shopping has transformed retail and the way today’s consumers discover and purchase goods and services. Challenger D-to-C brands such as Casper, Bonobos, and Stitch Fix have forced traditional brick-and-mortar brands to up their digital presence to ensure they don’t lose market share. With the majority of shopping taking place through…

An ungated database containing more than 440 million records owned by beauty company Estée Lauder has been exposed online, Forbes reported. A security researcher, Jeremiah Fowler, found the database in late January that was internet-facing and had no password protection. Estée Lauder released a statement explaining that a limited number of non-consumer email addresses from…

Hanna Andersson, a children’s clothing company with stores across the country, has told customers that their card payment data may have been compromised in a security breach last year. For nearly two months from mid-September to mid-November, an “unauthorized third party” had access to card payment information that certain customers entered as they were checking…

Rooted in increased regulation such as GDPR and CCPA and general customer backlash, a growing emphasis on collecting consent and ensuring privacy of customer data exists. In this environment, the “cost” of compliance is a top-of-mind factor for retailers, but how “cost” is considered varies from organization to organization. Irrespective of an organization’s approach, the…

The point of the broad-based California Consumer Privacy Act of 2018 (CCPA), signed by California Governor Jerry Brown in June, is to protect consumer data. For retailers wondering if the CCPA will impact their business, time is limited to figure out if and how. If you're a retailer selling products online and already compliant with the General Data…

There are so many ways for the holidays to turn sour for an online retailer. Gift cards and loyalty points, not subject to the same type of verification as credit cards, are stolen from customer accounts and used for fraudulent purposes. Compromised corporate credit cards are used to make high-volume purchases in the thousands of…

There’s no understating the impact that small computer in your pocket has made on retail. But governmental bodies are starting to reckon with it. Starting January 2020, California will enact the California Consumer Privacy Act (CCPA). CCPA follows in the footsteps of the European Union’s General Data Protection Regulation (GDPR) and precedes the Brazilian Data…

With the rise in e-commerce sales, cybersecurity attacks are increasing. Last year, 70 percent of small business websites faced some type of cyberattack during the holiday season. This year, ransomware has already spiked 500 percent. These attacks can put stores offline for hours or days — and some out of business. Obviously merchants can’t afford any downtime — especially…