After the Hack: Four companies respond to customer data breaches

Rating four major players on how they responded to data theft

In the past year a string of high-profile data breaches left consumers wary of sharing their information (or even making purchases) with companies. The fear isn’t just of e-commerce, either; two of the big breaches—at Target and Neiman Marcus—happened at brick-and-mortar stores. The Target breach has proved to be so harmful to the retailer’s brand and bottom line, its CEO has agreed to leave the company six month after the event.

Brands take a big hit when consumer data is stolen, but how they bounce back depends on the response. Here’s a look at how four companies dealt with their data breaches.

Target

November 2013
Damage: 40 million credit and debit card numbers stolen, along with customers’ names, addresses and emails. In total, the hack set Target back $420 million.

Response rate: 12 days

Cleanup: Target’s CIO, Beth Jacob, resigned after the news broke. The retailer supplied affected customers with a year of free credit monitoring, and sped up the development of a high-security credit card it had been working on, backing the project with an additional $100 million.

Well.ca

December 2013
Damage: Several thousand consumers had their info stolen, including name, address, credit card number and CVV code.

Response rate: 58 days

Cleanup: When customers were alerted their information may have been compromised, it was already clear Well.ca had egg on its face. The hack started almost two months prior, but on Feb. 18 CEO Rebecca McKillican told tech site BetaKit that Well.ca had only known about it for a “couple weeks.” McKillican apologized and promised new safegaurds, but downplayed the situation, saying the breach affected a “small” number of customers.

Related
Target appoints new chief information officer (and other news from around the web)

Kickstarter

February 2014
Damage: Hackers gained access to Kickstarter’s database of usernames and encrypted passwords. However, just two accounts were compromised and no credit card numbers were stolen.

Response rate: Three days

Cleanup: Kickstarter notified users on Feb. 15 that there’d been a security breach three days before. Because of its encryption process, the passwords remained secure (two accounts notwithstanding). The site also did a good job of explaining the situation, with a blog post noting, “Actual passwords were not revealed, however it’s possible for a malicious person with enough computing power to guess and crack an encrypted password. As a precaution, we strongly recommend you create a new password for your Kickstarter account.”

Neiman Marcus

July 2013
Damage: 1.1 million cards were potentially compromised, though the retailer reported that just 2,400 cards were used fraudulently.

Response rate: Six months (the breach started in July, though Neiman Marcus said it wasn’t aware until January 2014. At that point, it responded quickly.)

Cleanup: The retailer offered credit monitoring and identity theft protection to all of its 2013 customers—not just those who shopped during the breach.

This story originally appeared in the May 2014 issue of Marketing

Consumer Articles

Ontario confirms beer will be sold in grocery stores

Province hosting a pilot project to sell 12-packs of beer in LCBO stores

Simons CEO Peter Simons on the department-store wars

"We’re not Starbucks—there will be a limit to how many stores we build"

Loblaw and Uber partner on click-and-collect offer

Grocer giving shoppers free rides to three Toronto-area stores until April 20

How well do you know millennial moms?

New research from BabyCenter looks at tech and shopping habits of young moms

Air Miles testing in-store beacons with Staples, Rexall

Shoppers with the Air Miles app will receive exclusive mobile offers

Feds update code of conduct to include mobile payments

Rules governing credit and debit card transactions extended to mobile payments

How the smartwatch can enhance retail (Column)

With security/convenience in a wearable, retailers can build customer loyalty

Lacoste launches ecomm site

Apparel brand aims to recreate premium experience online for Canadian consumers

Jacob reopening with five Quebec stores, online operations

Retailer wants to keep loyal consumers happy, but isn't looking for national presence