Target breach lesson: no company is looking out for you

For a retailer which has taken pride in setting itself apart from Wal-Mart in terms of clientele served, treatment of employees and social corporate responsibility, Target is experiencing a rather organic image crisis, thanks to its recent bungled response to a major data breach resulting in the theft of sensitive, encrypted financial information of its customers.  This corporate faux pas, however, was not caused by social media stupidity or industrialist hubris.  Instead, Target’s inability to fend off a major data breach is a matter of corporate neglect, one which has customers sitting up and taking notice and, hopefully, has the retail world thinking about how to treat such problems effectively.

The Big Red Dot’s paltry offer of a 10% discount to those customers affected by its recent financial data breach did precious little to help the retailer.  Lawsuits have been filed in a number of states, including New York, California and Florida, by consumers claiming Target did not go far enough to protect customer’s financial information.   That said, Target’s foul-up is just the latest in a string of similar techno-gaffes occurring at other retailers, with two memorable foul-ups coming to mind.

In 2009, Wal-Mart Stores experienced a data breach which put financial data for some of its own customers in jeopardy, after the implementation of a highly touted next-generation security system in 2007. The other major breakdown occurred in 2008 when a hacker attack resulted in the theft of millions of card and checking account numbers from the databases of Delhaize, Inc., the then-parent company of Food Lion, Hannaford, Sweetbay and Harvey’s supermarkets.  In both cases, critics and consumer advocates stated both companies’ data security protocols were insufficient to stop such foul ups.

Even the world of data security companies are not immune.  The most infamous example of this happened in 2008, when Lifelock CEO Todd Davis’ identity was stolen after a national advertising campaign in which Davis brazenly displayed his Social Security number in an ad.  Naturally, Lifelock later amended its advertising to remind consumers that no one can completely prevent identity theft.  It was a prime example of advertising hubris gone wrong.

Sadly, most people, regardless of how much they say they monitor their bank accounts, really don’t pay any attention to their finances at all and, despite what major retailers may say, they really don’t give two flips about financial security records unless it hits them directly in the pocketbook.  It may seem cynical, but it comes back to the own Latin cliche of “caveat emptor” (a.k.a. “buyer beware.”).

To use geopolitical vernacular, the theft of millions of credit and debit card numbers, along with their encrypted PINs, is akin to a Russian double-agent sneaking into NORAD and stealing not just the missile launch codes, but the actual blueprints for the warheads themselves.  The only true defense to this sort of error, sadly enough, is for consumers to use their own “nuclear option.”  Namely, cash on the barrel!

Target's data breach has exposed the simple fact that, unless the consequences are financial for the company, most retailers are not concerned about data security.

Target’s data breach has exposed the simple fact that, unless the consequences are financial for the company, most retailers are not concerned about data security.

One thought on “Target breach lesson: no company is looking out for you

  1. Pingback: Cryptoquote Spoiler – 01/29/14 | Unclerave's Wordy Weblog

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s