Data Security

A $19 million deal between Target and MasterCard to settle lawsuits stemming from the retailer's massive pre-Christmas 2013 data breach has been scrapped because it failed to get enough support from the affected banks and credit unions. While the rejection sends the companies back to the drawing board, advocates for the financial institutions said they…

The Sally Beauty chain confirmed Thursday that it's suffered its second data breach in just over two years. The beauty products seller notified customers earlier this month that it was investigating reports of unusual activity on payment cards used at some of its U.S. locations. Sally Beauty Holdings Inc. wouldn't talk about the scope of…

A proposed $19 million settlement between MasterCard and Target over the retailer’s 2013 data breach can move forward.

Sally Beauty said it is investigating “reports of unusual activity” on payment cards used at some U.S. stores.

Learn four ways online retailers can increase consumer trust and how that increased trust can lead to an increase in online sales.

The question isn't if your company will be the victim of a data breach, but when. Those were the sobering words of Martin Einstein, senior partner at Brann & Issacson, a law firm that represents online and multichannel companies, at the American Catalog Mailers Association's (ACMA) Forum last week in Washington, D.C. Einstein addressed the crowd of direct marketers on what they can do to mitigate their risk and exposure to a data breach, as well as how best to respond in the unfortunate event that a breach does occur. 

The U.S. Justice Department's Antitrust division lauded the result of its e-commerce investigation into price fixing on Amazon Marketplace. The agency alleges that online seller David Topkins and other co-conspirators fixed pricing on certain posters sold through the Marketplace from September 2013 through January 2014. Topkins, along with Jonathan Garriss and Adam Hersh, was a principal of Gotham City Online and employee of Art.com at that time. Topkins and Garriss were also co-founders of an eBay seller association called PESA. The three business partners sold Gotham City Online's poster business (Poster Revolution) to Art.com in 2012.

There are many reasons why attackers have set their sights on retailers. An increasing number of attack vectors as a result of multichannel strategies, BYOD, QR codes and mobile wallets, as well as vulnerable point-of-sale (POS) terminals, legacy systems and third parties in the supply chain are just a few reasons why retailers make good targets. It's impossible to prevent every single attack, but there are actions retailers can take to be more proactive when a breach happens. At the end of the day, a good offense is the best defense. Here are five steps retailers can take to handle a cyberattack to help identify and remove advanced threats quickly and prepare for any future attacks:

The remnants of RadioShack's retail empire went on the auction block on Monday, giving bidders the first chance to snap up the company's trademarks; patents; leases; and the names, email addresses and phone numbers of millions of RadioShack customers. For RadioShack itself, the stakes are enormous. Bloomberg News reported Tuesday morning that Standard General, a hedge fund that's one of RadioShack's creditors, has won the auction. Hanging in the balance on Thursday, when a federal bankruptcy court is expected to approve or reject the asset sale, is the continuation of the 94-year-old retailer's operations. 

Target has agreed to pay $10 million in a proposed settlement of a class-action lawsuit related to its 2013 data breach that consumers say compromised their personal financial information, court documents show. Under the proposal, which requires federal court approval, Target will deposit the settlement amount into an interest-bearing escrow account, to pay individual victims up to $10,000 in damages. The proposal also requires Target to adopt and implement data security measures such as appointing a chief information security officer and maintaining a written information security program.