SECURITY/RISK

In a sobering statistic, one out of every 27 employees was apprehended for theft from their employer in 2016.   That's according to “The 29th Annual Retail Theft Survey,” conducted by Jack L. Hayes International, a loss prevention and inventory shrinkage control consulting firm. The survey is based on reports on over 380,000 shoplifting apprehensions that took place in 23 large retail companies, representing 16,038 stores with combined 2016 annual sales in excess of $370 billion.   

For the second time in less than three years, Kmart was hit by a malicious hack.   On Wednesday, May 31, Kmart’s parent company, Sears Holdings revealed that the chain was the victim of a security incident. The company became aware of the attack, which involved unauthorized credit card activity, following certain customer purchases made at some of its Kmart stores. Shoppers were alerted to the breach via email Wednesday evening.   

E-commerce fraud as a percent of sales dollars may be on the decline, however losses still account for billions of dollars.   This was according to the “Q1 2017 Global Fraud Index,” a report from Pymnts.com and Signifyd. The study measures and benchmarks innovations and trends that are reshaping the payments and commerce ecosystem.  

Chipotle Mexican Grill is coming clean about a cyber-attack that targeted the chain last month.   An extensive investigation lead by leading cyber security firms, law enforcement and the payment card networks revealed that malware accessed payment card data used at point-of-sale (POS) devices at certain Chipotle and Pizzeria Locale restaurants between March 24 and April 18. Not all locations were involved, and the specific timeframes vary by location, according to the chain.  

Target Corp. has resolved its 2013 data breach with a deal that represents the largest multi-state data breach settlement in history.   The retailer agreed to pay a total of $18.5 million to settle the case. The money will go to 47 states and the District of Columbia, with California receiving the largest share of  the settlement, more than $1.4 million.    

Brooks Brothers is the latest victim of a data breach.   According to the specialty retailer, an unauthorized individual installed malicious software designed to capture payment card information on some of the chain’s payment processing systems. The software compromised payment card information across some purchases made at certain Brooks Brothers and Brooks Brothers Outlet retail locations in the United States and Puerto Rico.  

Manual security remains prominent among North American retailers despite a predicted increase in fraud related to card not present (CNP) transactions.