A different kind of data breach hits Nordstrom
Another retailer was hit by a cyber-attack, but this one didn’t target customer information.
Nordstrom was hit by a data breach that targeted the personal data of current and past employees. Information that may have been exposed includes names, Social Security numbers, dates of birth, checking account and routing numbers, salaries, among other data, according to The Seattle Times, which first broke the story.
The breach, which occurred on Oct. 9, stemmed from “a contract worker [that] improperly handled some Nordstrom employee data. Customer data was not impacted,” according to a company statement.
The company’s information security team promptly discovered the incident, and immediately notified law enforcement to begin a comprehensive investigation. The contract worker no longer has access to Nordstrom’s systems, and the company has put additional measures in place to help prevent a similar situation from recurring.
While the company has no evidence that data was shared or used inappropriately, the company immediately notified employees “so they can take the appropriate steps to monitor for any potential unauthorized activity,” the statement reported, adding that Nordstrom is also offering impacted employees free identity protection services for 24 months.
“No one company is immune to cyber-attacks, but how a company responds will make all the difference in restoring trust with customers and employees and proving that they have taken all possible actions to inform and mitigate the damage during an event,” said Ryan Wilk, VP of customer success for NuData Security.
“Nordstrom’s response time to this data breach incident is laudable as well as their attempts at transparency. Online companies should do more to devalue personal information or PCI Data so if a breach does occur the data obtained by cyber attackers is less valuable.”
Wilk also encourages retailers to use technologies, such as passive biometrics and behavioral analytics “to detect and devalue the data when bad actors use it to commit account takeover at login or attempting to create new accounts such as credit cards and loads,” he added. “It will dissuade bad actors from attempting to steal the data in the first place.”
Other retailers targeted by cyber-thieves this year include Hudson’s Bay Co.’s Saks, Saks Off Fifth and Lord & Taylor brands, Best Buy, Panera Bread, Sears Holdings, and Under Armour.
Albertsons to roll with Tesla trucks
Albertsons is making its Southern California fleet a little greener.
The supermarket giant announced the addition of 10 all-electric Tesla tractors to the fleet alongside its 2018 sustainability update.The new trucks will service Albertsons, Vons and Pavilions stores in the region, able to travel between 300 and 500 miles — sometimes more — on a single charge with a fully loaded trailer, using fewer than 2-kilowatt hours per mile.
“Advancing supply chain efficiency and sustainability is an important goal for our company,” said Tom Nartker, Albertsons VP of transportation. “We’re excited to pilot this expansion of our transportation program with trucks that help us limit our overall carbon footprint.”
Starbucks cutting corporate workforce
Starbucks Corp. is reportedly making some big changes at its Seattle headquarters.
The coffee giant plans to cut 5% of its corporate workforce, according to CNBC, which cited a memo sent by Starbucks CEO Kevin Johnson. The layoffs, first reported by The Wall Street Journal, will affect some 350 employees in marketing, creative, product, technology and store development, according to the report.
The cuts were not unexpected. In September, Starbucks said it was realigning its organizational structure, which would result in cuts to corporate staff.
Click here to read more.