Data Security

As larger retailers adopt state-of-the-art fraud prevention and identification solutions as part of their payments infrastructure, smaller local chains and independent outlets are being left exposed as the soft underbelly of a very lucrative target.

Criminals who infect websites are making the internet much riskier for small business owners. Since early June, one gang has been using a uniquely insidious type of automated attack to inject malicious code on some 20,000 to 30,000 sites, many of them small businesses that rely on the internet to reach customers, says Wayne Huang, chief technical officer at website security firm Armorize.

While bad news around the economy continues to pile up — a plunging stock market, troublesome unemployment, a soft housing market, national debt that's out of control — the e-commerce industry seems unaffected. E-commerce sales are steadily rising and for many cross-channel retailers the channel is a bright spot in an otherwise dark place. This mood was certainly reflected at IRCE, where people were upbeat with where they were at and optimistic about their future.

After announcing PIN pads in some of its U.S. stores showed signs of tampering last month, Michaels was hit with lawsuits seeking class-action status. Three customers from Northern Illinois filed suits against the arts and crafts retailer claiming the company failed to take reasonable measures to protect its customers.

I often check the clickthough rates of our daily e-newsletter of aggregated and orignal content, ROI Report, to gauge what our audience of cross-channel retailers are interested in and concerned about. Lately, the clickthrough rates for articles about hackers and scammers targeting retailers and shoppers are through the roof

Michaels has removed the PIN pad tampering threat from its U.S. stores and believes it's identified the time frame that customer information was exposed. Based on the latest information available, exposed PIN pad transactions occurred from Feb. 8 through May 6, the date Michaels disabled the tampered devices.

After reporting that PIN pads in some of its Chicago-area stores had been tampered with, Michaels has confirmed additional PIN pads showing signs of tampering in stores throughout 20 states. The crafts retailer identified roughly 90 individual PIN pads in its 964 U.S. stores that showed signs of tampering.

Less than a month after the major security breach at Epsilon, Best Buy learned on April 22 that some of its customer email addresses were hacked from an unnamed third-party vendor.

<span class="articleLocation">Children's Place said its customer database has been hacked. Clients were sent an unauthorized email directing them to a website where they were asked to enter their credit card numbers for a software upgrade. The company notified customers about the hacking through an email.

Best Buy, TiVo and Walgreens are the latest in a string of companies hacked over the weekend. Fraudsters gained access to customers’ files, including email addresses. Epsilon, the communications provider of the companies, issued a brief statement saying “a full investigation was under way” of the breach of some customer client data was discovered.