From January 2017 until now, there have been data security breaches in stores of 15 major retailers across the country. The data breaches have reportedly happened due to flaws in payment systems – either in the stores themselves or on their online shopping sites.
The breaches put both the shoppers, as well as the stores, in danger and can lead to identity theft or at the very least the stealing of credit card information. According to a poll taken by KPMG, 33% of people surveyed said they would not shop at a store that was breached for an extended period of time. A further 19% of the people surveyed stated that they would stop shopping at such store all together.
The Stores that were Breached:
The 15 retailers that were breached have all confirmed the privacy attack, and most of them have estimated the scope of the data security breach that put their customers at risk:
According to the retail giant, there was a "security incident" that resulted in approximately 100,000 custmers falling victim to credit card information theft. The breach, which happened as a result of a partnership with an online support partner, happened between September 27, 2017 and October 12, 2017.
It was reported on April 4 that the chain Kmart, which belongs to the Sears Holdings Corporation, was also breached.
The airline company used the same online support partner as Sears, and it has no estimation as to how many customers were affected by the incident.
This sportswear chain's website has been breached by an "unauthorized party," and the company also has no estimation as to how many clients were affected. Along with credit card information, email and physical addresses, contact information, passwords and other data were compromised.
According to Best Buy, "a small fraction of our overall online customer population" fell victim to the company's data security violation.
Saks Fifth Avenue
Owned by Hudson's Bay, Saks Fifth Avenue was breached on April 2017. The number of people affected is estimated to be in the millions, and the information stolen includes debit cards and credit cards.
Lord & Taylor
The clothing retailer, also owned by Hudson's Bay, was affected by the breach.
The security transgression was initially estimated to involve around 37 million customers, but upon further inspection, the number is less than 10,000. Names, partial credit card numbers and addresses are reported to have been leaked in the breach.
The payment system of the grocery stores was not affected by the security breach, but the chain's table-service restaurants and taprooms were.
The chain stores' data was breached due to a flaw in cashier terminals, which led to a leak of credit card numbers, verification codes, expiration dates and other information. The breach occurred from March 2017 through October.
MyFitnessPal, which is owned by Under Armour, estimates that 150 million people had their MyFitnessPal accounts breached. Weight loss information may have been leaked, but payment info was not.
The chain estimated that nearly 5 million customers have been affected by credit card information theft that happened during 2017.
The chain of restaurants was affected by malware that caused a breach in the cashier systems between October 25, 2016 and January 19, 2017. Information from 355,000 credit cards was leaked in the breach.
The data breach at Gamestop happened between August 2016 and February 2017 - approximately 6 months. The breach in the company's website caused a leak of credit card information, addresses and names of customers.
The breach at Chipotle happened on the network that supports its in-restaurant payment processes. The data security breach happened during March and April of 2017, and it caused a leak in credit card information.