Close×

This week, Princess Polly became the latest fashion operator to suffer a data breach.

In an email to customers, CEO Wez Bryett advised them that an unidentified third party recently gained unauthorised access to its website.

"During this process, the third party may have accessed your personal information entered on our website," he wrote.

This included username and password, something data security specialists refer to as a credential spill.

Let's say this information is all that hackers, who also breached security systems at Kathmandu and Uniqlo this year, got away with.

Who cares right? It's just a name and password, the equivalent of Coke to Clicquot.

Well according to a recent report by security giant Shape, you should care where your customers data ends up.

Shape, headed by industry leaders from Google, Cisco and IBM, found that up to 90% of login activity is hackers seeding stolen data.

That is, criminals are harvesting credentials from data breaches and testing them on every website and mobile app imaginable.

A small subset of those credentials then unlock accounts. Why? For the simple reason that most of us reuse passwords across multiple sites.

Once cracked, criminals drain those accounts of value to commit all manner of fraud, from fiscal trafficking to buying corduroy pants.

So that Coke, pumped through enough channels, turns into a roaring glass of bubbles.

The trend becomes even more worrying when you drill further into the retail figures.

Three-quarters of U.S. retailers experienced a data breach in 2018, according to the Thales 2018 Data Threat Report.

This means the occurance of credential spills is significant - and growing.

As widespread digital transformation rolls out across the sector, companies are becoming more inclined to storing sensitive customer data to the cloud.

According to the report, 95% of retailers use this data in an advanced technology environment such as cloud, big data, IoT and containers.

Despite this, only 26% of retailers reported implementing encryption.

The report concluded that each of these technology environments presents a unique security challenge and needs to be addressed.

So the moral of this week's wrap is simple: get clued up on your brand's security protocols and change. your. passwords.

comments powered by Disqus