Data Security

As e-commerce grows, retailers continue to be a prime target for cyber attacks due to the higher volumes of personally identifiable information (PII) and payment card information (PCI) being handled. This data can be sold, used and exploited by malicious actors for potential financial or personal gain. With retail sales fluctuating year-over-year, customer trust and…

Kroger Co. said in a statement Friday that personal data, including Social Security numbers of some of its pharmacy and clinic customers, may have been stolen in the hack of a third-party vendor’s file-transfer service. The third-party vendor, Accellion, was used by Kroger as well as many other companies for secure third-party file transfers. Accellion notified Kroger that…

A recent survey revealed that more than half of all consumers (56 percent) plan to continue shopping primarily online post-pandemic, compared to just 5 percent who say they will shop only in-person afterward. In fact, data showed that half as many people shopped inside stores last Black Friday compared to 2019, while, in stark contrast,…

In my previous article about Magecart web skimming attacks, I recapped some of the noteworthy victims of this cybercriminal collective and how attackers managed to breach them. Today, security teams in retail are mostly aware of this threat, however, navigating the different technologies and products that claim to be effective towards Magecart isn’t an easy…

Magecart was certainly one of the most infamous names in 2020 when it came to cybercrime in retail. Just a few years ago, the notion of having cybercriminals silently place a skimmer in your own e-commerce website would sound absurd. Yet, to date, thousands of retailers have been breached, unknowingly allowing attackers to steal their…

With smart data use a key driver of growth in recent years, increasing customer privacy protection presents a challenge for online retailers. However, it also creates an opportunity to be proactive when it comes to data management and make a streamlined approach to privacy a business asset. The result of an ongoing collaboration between a…

It’s no secret that the COVID-19 pandemic has severely impacted small and medium-sized businesses (SMBs). While dealing with decreased foot traffic, greater local regulations, and growing expenses, cybersecurity has undoubtedly become a lesser priority for SMBs struggling to get back on their feet. In the midst of all this, cyberattacks have increased significantly throughout the…

In the last year, we've seen a surge in consumers’ use of mobile technology in ways that no one could have predicted. Smartphones and other mobile tech are being used for more than just easy and accessible communications, doing everything from conducting conference calls to hosting virtual happy hours despite the challenges put forth by…

California’s Proposition 24, which expands the state’s consumer privacy law, was passed by voters on Nov. 3, 2020. Starting January 2023, the new law, called the California Consumer Privacy Rights Act (“CCPRA”) will take effect and allow consumers more control over how businesses collect and use their personal information. Today, advancements in technology allow retailers…

A cybersecurity attack on Barnes & Noble exposed customers' personal information, including transaction history and email addresses. The bookseller sent an email notifying customers of the data breach, which it was aware of since Oct. 10. Barnes & Noble clarified customers' financial information, such as payment card information, was not among the exposed data. Total Retail's Take: In response to…