Target

The recent hacking of customer data from Target computers is roiling the California legislature. Last week, two members of the Assembly touted a bill to strengthen consumer safeguards and limit the type of information collected and retained by retailers. The measure may trigger one of the year's biggest disputes over business-related legislation. "It'll be a big fight, a tough fight," said Bill Dombrowski, president of the California Retailers Association. The bill would shift the responsibility for any data breach from the banks and credit card issuers to the retail businesses where the breach occurred.

Recent data breaches, including those of Target, Neiman Marcus, Adobe, LivingSocial and Snapchat, indicate that merely evaluating passwords isn't an effective way to protect the systems that guard online customer account information. These are high-profile examples, but in reality nearly all online merchants are experiencing an onslaught of attacks as criminals attempt to break into their systems and steal credit card and other sensitive data. Even relatively small retailers are being assaulted. For many of these businesses, unless they adopt new authentication tactics and implement better controls, it's just a matter of time until they too become a statistic. 
Studies have repeatedly shown that the most damaging and expensive cyber attacks all have one thing in common: hackers defeat the system's authentication system. Today's sophisticated cybercriminals employ 

Data breaches, as we've all learned, can be #EpicFails with far-reaching and destructive implications for brands. Once sensitive consumer information — e.g., payment card data, home addresses, phone numbers — is stolen, the ramifications can include federal investigations, appearances by company execs before congressional committees, class-action lawsuits and months of scathing headlines, all of which can precipitate a major loss of consumer trust. "Big companies spend millions, billions of dollars building their brands over 20 [years], 30 [years], 40 [years], 50 [years], 100 years," says Eric Chiu, president and co-founder of cloud security automation firm HyTrust.

Despite excitement from the business world, consumers aren't keen on the latest innovations in retail advertising. A whole new category of technology has sprung up to serve "omnichannel" retailers, who combine online analytics with brick-and-mortar sales. They do that by connecting to a consumer's smartphone while they're in-store. And consumers are wary. According to a survey of 1,042 consumers conducted by consumer feedback company OpinionLab, 77 percent of respondents find in-store tracking unacceptable, and 81 percent said they don't trust retailers to keep data private and secure. Blame Target for that one.

In J.C. Penney's latest annual report, gone are references to becoming "America's favorite store." Its "Fair and Square" low everyday prices and jcp.com website descriptions have also been scratched. Replacing them are a return to promotional pricing and the resurrection of its old Jcpenney.com website. But that's not all. The company has also overhauled its list of risk factors. Following Target's big data breach, J.C. Penney has joined other retailers flagging data security as a major new risk factor. The economy also continues to menace the company's turnaround efforts.

The massive cyberattack on Target last year unleashed efforts to protect consumers from crooks swiping credit card data from in-store transactions. But as retailers and regulators scramble to develop a solution, hackers have already moved on. Most hackers are focusing their efforts on online transactions — increasingly with an eye on those conducted over smartphones or other mobile devices. In other words, retailers are two steps behind the criminals.

As if the recent holiday season in the wake of the payroll tax increase and government shutdown hasn't already made 2014 a disappointment for retail, then the rest of the year may require a stiff upper lip in girding for the rest of the iceberg.

About 87 percent of Americans watch television while using devices like smartphones and tablets, but most of that second-screen usage is unrelated to the show or movie, according to the NPD Group, a market research company. Now, in what could signal a new era for product placement, Target will feature dozens of products on a new episode of "Cougar Town," the TBS comedy series, and, at the moment the products appear on television screens, encourage viewers to purchase them on their second screens. The episode that airs on Tuesday at 10 p.m. Eastern will be simulcast online at ShopCougarTown.com.

Sally Beauty, a seller of hair and beauty products, said data from fewer than 25,000 customers’ payment cards was illegally accessed and may have been stolen. The U.S. Secret Service and Verizon Communications are helping investigate the incident, the Denton, Texas-based company said in a statement. Sally also said it's working to mitigate and remediate the issues caused by the breach. U.S. retailers including Target and Neiman Marcus are working to recover from hacker attacks that exposed the data of tens of millions of customers during the holiday season.

Target's security software detected potentially malicious activity during last year's massive data breach, but its staff decided not to take immediate action, the No. 3. U.S. retailer said on Thursday. "With the benefit of hindsight, we're investigating whether if different judgments had been made the outcome may have been different," company spokeswoman Molly Snyder said in a statement. The disclosure came after Bloomberg Businessweek reported on Thursday that Target's security team in Bangalore had received alerts from a FireEye Inc. security system on Nov. 30 after the attack was launched and sent them to Target headquarters in Minneapolis.