Credit Union Sues Eddie Bauer for Failing to Prevent Data Breach
A credit union has sued Eddie Bauer, alleging that the clothing retailer failed to take adequate steps to protect against a hack that swiped the credit card information of customers last year. In its suit, Veridian Credit Union accused Eddie Bauer of deploying lax security standards, forcing Veridian and other financial institutions to bear costs related to theft of payment card information from the clothier’s point-of-sale systems. The suit is seeking class-action status in federal court in Seattle on Tuesday. An Eddie Bauer spokesman said the company would defend itself against the claims in the lawsuit, and declined further comment.
Total Retail's Take: The Eddie Bauer data security breach had sweeping consequences: After the company discovered malware on its POS systems at its stores in the U.S. and Canada in August, it said credit and debit card payments made between Jan. 2, 2016, and July 17, 2016, may have been accessed and hundreds of thousands, or perhaps millions, of customers had their payment card information compromised. Online sales weren't affected by the breach. The lawsuit says that Eddie Bauer failed to implement chip-based card anti-fraud technology, and exacerbated the problem by failing to notify customers for weeks after learning about the breach. We will be watching this lawsuit closely as it could have implications for other retailers that have experienced similar hacks.