Failure to Safeguard Customers’ Account Information May Impact Economy



Failure to Safeguard Customers’ Account Information May Impact Economy
By Gary Wartik
January 14, 2014

In mid-November, Target Corp. revealed that between 40 and 60 million credit and debit cards used in its stores earlier in the fall had been compromised by hackers.  The information obtained may have been sufficient to compromise their credit accounts, and in the case of debt card information, empty their checking accounts.  The story actually got worse during January when Target announced that as many as 110 million credit card records may have actually been compromised.  On January 13, high end retailer Neiman Marcus announced that it too had been hacked and that an unknown number of customer accounts had been compromised.

Target is one of the biggest retailers in America.  If credit information used in its stores could be compromised, what are the dangers to credit card holders shopping at other major retailers?  They could be equally vulnerable.  Target previously assured its customers that the security breach in their security systems had been resolved.  A corporate apology was offered to victims twice, the most recent of which was published January 13.  As more breaches were disclosed at Target, and as others breaches may arise at other major retail operations, the American public could react by reducing its use of credit for purchases. The impact on business could be notable over time since studies have shown that the convenience of using credit and debit cards helps drive retail sales.

The security industry confirms that current technology is capable of protecting customer information.  However, as a consultant to the credit industry observed in a January Los Angeles Times interview,” improved security is expensive.” One may observe that if such breaches continue to occur and spread, the reduction in business will effectively be more costly to retailers than paying to better secure credit card transactions.

David Lazarus, an Los Angeles Times writer offered a solution to future security breaches at businesses such as the Target breach, suggesting that federal law be amended to provide for financial penalties for security breaches.  Mr. Lazarus opines that retailers will not improve customer data protections until they are forced to do so.  He cites the example of how the federal government in 2010 started fining US airlines for late departures and late arrivals.  With fines of $27,500 per passenger in place, it did not take long for domestic airlines to significantly improve arrival and departure times.  In the Target case, a $25 fine per compromised account, for example would have cost Target $2.7 billion.  That would get the attention of Target’s management and serve as a warning to other retailers, all to the benefit of those retailers, the economy and the shopping public.

Target, Neiman Marcus and others need to get the message that inadequate data protection is not just part of the cost of doing business.  If not rectified, it will actually cost them business.

About the Author