Reports of Potential Data Breach at Saks Fifth Ave
Saks Fifth Avenue is the latest retailer to report customers’ personal information has been inadvertently exposed online. In this specific case, BuzzFeed News reported that customers’ names, e-mail addresses and phone numbers were visible through a link on the retailer’s website.
BuzzFeed said “tens of thousands of customers” were affected and their personal information was visible “in plain text online” via a specific link on the Saks website were online customers go to join a wait-list for certain products.
The company that owns Saks and maintains its online website, Canadian-based department store Hudson Bay Co., acknowledged that some customer data was exposed but it stressed that it is moving quickly to resolve the situation and that key personal data such as credit card information was not exposed.
“We take this matter seriously,” Hudson’s Bay Co. said in a prepared statement. “We want to reassure our customers that no credit, payment or password information was ever exposed. The security of our customers is of utmost priority, and we are moving quickly and aggressively to resolve the situation, which is limited to a low single-digit percentage of email addresses. We have resolved any issue related to customer phone numbers, which was an even smaller percent.”
Cyber professionals say it is too early to say how severe the vulnerability is and how it will affect customers in the future. Cyber thieves are able to phone numbers and e-mails lists to inflict financial damage to unsuspecting victims, including identity theft.