Data Security

Home Depot said Thursday that a data breach that lasted for months at its stores in the U.S. and Canada affected 56 million debit and credit cards, far more than a pre-Christmas 2013 attack on Target customers. The size of the theft at Home Depot trails only that of TJX Companies’ breach of 90 million records in 2007. Target's breach compromised 40 million credit and debit cards. Home Depot, the nation's largest home improvement retailer, said that the malware used in the data breach that took place between April and September has been eliminated. 

Home Depot has confirmed that its payment systems were hacked at its U.S. and Canada stores starting in April. Customers who paid with cards may have had their data compromised. The company says there's no evidence that pin numbers from debit cards were stolen. On Sept. 2, Home Depot said it was working with banks and law enforcement to investigate reports that its stores could have been the source of a new batch of credit and debit card numbers being sold on the black market. 

As the summer winds down, students head back to school and there's a predictable upward trend in e-commerce activity in a number of categories. Scholars and their families are flocking to university websites to select courses, register and make tuition payments, and they're heading in droves to retailers like Ikea, Best Buy and Target to buy important supplies, furniture, electronics, clothing and more for the coming academic year. The National Retail Federation's 2014 Back-to-School Survey predicts the average family with children in grades K-12 will spend $669.28 on apparel, shoes, supplies and electronics this back-to-school season, up 5 percent from 2013.

LVMH Moet Hennessy Louis Vuitton SA ended a longstanding dispute with Google, agreeing to work with the world's largest search engine to help prevent vendors from advertising counterfeit goods online. LVMH had accused Google of violating its trademark rights by selling protected words as keywords that then link users to websites selling counterfeit items when they search under the French company's brands. Google in 2010 allowed the practice, following a European Union court ruling, bringing the company's policy in Europe in line with company rules in about 190 countries. 

Just when you thought it was safe to start accepting credit cards again…
Home Depot confirmed yesterday that it’s investigating some “unusual activity” with regards to its customer data.

A payment card industry security consortium warned retailers on Wednesday of the urgency to secure their systems against "Backoff," a malicious software program that steals card numbers. Backoff "represents a very real threat to the security of cardholder data in all organizations," wrote the PCI Security Standards Council, an organization founded by MasterCard, Visa, American Express and other credit card companies. The U.S. Secret Service and Department of Homeland Security warned last week that 1,000 U.S. businesses may be infected by Backoff, which wasn't detected by most anti-virus security software until earlier this month. 

When eBay announced in May that it had become the latest high-profile company to suffer a large-scale data breach, several top state law enforcement officials were quick to issue statements expressing concern and pledging to conduct investigations. In the ensuing week, numerous states teamed up to launch a joint probe of eBay's breach and its broader security practices, according to an official at the Connecticut attorney general's office, which along with the AGs in Illinois and Florida is leading the investigation. Connecticut Assistant Attorney General Matt Fitzsimmons said that "a fair number" of states have joined the probe.  

United Parcel Service, the largest package-shipping company in the world, has suffered a breach in computer data. It's said that few stores of UPS has been a victim of hacking, leading to stealing of customers’ data, which includes both personal and payment info. The breach of computer systems is said to affect 51 UPS retail stores in 24 states — about 1 percent of the company's total retail stores. A UPS spokesperson has confirmed that over 100,000 transactions are subject to the security breach.

The interconnectedness and rapid development of mobile technology are revolutionizing the consumer market. Retailers have fully computerized mechanisms driven by complex applications to bring their products to the mobile market, which has introduced serious security flaws into the ecosystem that can damage customers and financial giants, jeopardizing entire retail chains. Hackers have increasingly exploited these vulnerabilities in unsecure web applications using tools that can easily be found online, resulting in numerous high-profile hackings.

Q: "When PLAs were free, our company was king. Now that they're paid, we can't figure out how to crack the code and get PLA visibility. Any best practices around getting the most out of PLAs?" — Jackie Eldridge,  director of social media and affiliate 
marketing, DollarDays.com