Hudson’s Bay Co.: Saks, Lord & Taylor data breach ‘no longer poses a risk’
Hudson’s Bay Co. has a handle on its previously announced data breach — an incident that its investigation revealed lasted nine months.
The department store retailer reported earlier this month that its Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores became the targets of a security breach. New details from the company’s investigation revealed that the attack began as early as July 1, 2017.
The breach has been contained since March 31, and “no longer poses a risk to customers shopping at its stores,” according to the company.
HBC’s investigation revealed that the breach was caused by malware installed on certain point-of-sale systems at potentially all Saks Fifth Avenue, Saks Off 5th and Lord & Taylor locations in North America. The malware was designed to collect customers’ payment card information, including cardholder names, payment card numbers and expiration dates.
There is no evidence that contact information, Social Security or Social Insurance numbers, driver’s license numbers, or PINs associated with the cards were pilfered. Saks Fifth Avenue credit cards were also not compromised.
Not all customers who shopped at the impacted stores during the breach were affected by the cyber-attack. The incident did not impact the company’s e-commerce or other digital platforms, or Hudson’s Bay, Home Outfitters, or HBC Europe, according to HBC.
As soon as HBC became aware of a potential issue, the company quickly engaged data security experts to conduct an investigation. HBC also has been working with law enforcement authorities to address this criminal activity, and has been coordinating with the payment card companies.
“Our customers are our top priority and we take the protection of their information very seriously,” said HBC CEO Helena Foulkes. “We deeply regret any concern this issue may have caused. Throughout this process, we have made it our goal to work quickly to provide support and information to our customers and we will continue to serve them with that same dedication.”
Going forward, HBC is offering impacted customers with free identity protection services, including credit and Web monitoring. The retailer has also established a dedicated call center for customers to obtain more information about the breach. Customers are also encouraged to review their account statements and contact their card issuer immediately if they identify an unauthorized charges.
Customized devices helps deter theft at Joann
Like so many other things in retail, there is no one-size-fits-all solution theft deterrent. Limited merchandising space, a store’s layout and the nature of the item being protected are just a few of the factors that need to be considered.
When this occurs, many retailers require more customized anti-theft equipment to stay ahead of the customer – and also the thieves.
“Customization is often required to successfully deter theft,” said Robert Hirnikl, corporate manager of asset protection at Joann, which operates more than 865 stores across 49 states. “There will always be new products, new challenges, and new technologies, so we need to work with a partner with the flexibility to adapt to the inevitable changes.”
Hirnikl wanted to improve protect high-value items like scissor from theft while adding to the customer experience. He turned to Se-Kure Controls, a manufacturer of retail product security devices, which customized the branding and messaging on the peg hook locks that secure those types of items at Joann stores. This included adding the notification to “see a team member for assistance” when the customer wanted to handle a secured item.
After successful implementation, the fabric and craft retailer later sought help with another challenge for which there was no immediately apparent solution on the market: deterring thieves from placing inconspicuous devices called overlay skimmers on the store’s credit card readers. In a problem across different types of retail settings, thieves attempt to place the skimmers on point-of-sale systems, ATMs, and gas pump, where credit and debit cards are swiped for payment. When fit over the card reader slot of such devices, thieves can capture the data and “clone” the customer’s card, which is then used in fraudulent transactions.
“We didn’t want to work with a vendor who would just throw generic equipment at us and say, ‘Try this,’” said Hirnikl. “So we challenged them [Se-Kure] to create a device for us that would prevent an overlay from being put on top of our credit card readers.”
According to Hirnikl, Se-Kure took Joann’s input and the dimensions of their card readers to come up with a device in the requested price range. The metal anti-skimming device fits over the top and side of card readers to prevent an overlay from being placed on them, while allowing full functionality. It comes with a special security tool for fastening so thieves cannot use regular tools to tamper with it.
“The anti-skimming device fits securely over our credit card reader, which would prevent the overlay skimmers from being placed on the unit,” said Hirnikl.
Report: Walmart testing more relaxed dress code
Expect to see more Walmart employees wearing blue jeans going forward.
The discount giant is testing new dress codes in a small number of stores across the United States — a move that Walmart hopes will help it attract and retain staff in a tight labor market, according to Bloomberg.
Besides allowing employees to wear shirts of any solid color, rather than just blue or white. They are also allowed to wear jeans, long as they’re solid blue, the report said. This is a departure from the company’s signature blue collared shirts and khaki or black denim pants.
To read more, click here.