Connect with us

Headlines

Retail Jewelry Giant’s Customer Data Was Exposed in Leak

The problem has since been fixed.
mm

Published

5 years ago

on

Order information for customers of some Signet brands may have been exposed in a leak, KrebsOnSecurity reports.

A customer reported the security weakness to the security-focused publication. The customer, Brandon Sheehy of Dallas, “discovered that slightly modifying the link in the confirmation email he received and pasting that into a Web browser revealed another customer’s order.” That included a variety of personal information, including name, address and last four digits of credit card.

Smith and DeGroot Release ‘A Vendor Perspective’ Podcast Episode
Jimmy Degroot

Smith and DeGroot Release ‘A Vendor Perspective’ Podcast Episode
Video: Split Sales Require Effort
Jimmy Degroot

Video: Split Sales Require Effort
The Business of Jewelry Podcast Special Edition (Part 2)
Jimmy Degroot

The Business of Jewelry Podcast Special Edition (Part 2)

“My first thought was they could track a package of jewelry to someone’s door and swipe it off their doorstep,” Sheehy told KrebsOnSecurity. A variety of other scams might be possible with the information, he surmised.

Sheehy said he contacted Signet, whose brands include Jared, Kay and Zales, about the problem. It was then apparently fixed for all orders going forward, but not for past orders.

Scott Lancaster, chief information security officer or Signet, said the problem has now been fixed for past orders as well.

The issue “affected only orders made online through jared.com and kay.com” and not the company’s other brands, KrebsOnSecurity reports.

Advertisement

Read more at KrebsOnSecurity

Related Topics:

click to Comment(Comment)
Advertisement

SPONSORED VIDEO

This Third-Generation Jeweler Was Ready for Retirement. He Called Wilkerson

Retirement is never easy, especially when it means the end to a business that was founded in 1884. But for Laura and Sam Sipe, it was time to put their own needs first. They decided to close J.C. Sipe Jewelers, one of Indianapolis’ most trusted names in fine jewelry, and call Wilkerson. “Laura and I decided the conditions were right,” says Sam. Wilkerson handled every detail in their going-out-of-business sale, from marketing to manning the sales floor. “The main goal was to sell our existing inventory that’s all paid for and turn that into cash for our retirement,” says Sam. “It’s been very, very productive.” Would they recommend Wilkerson to other jewelers who want to enjoy their golden years? Absolutely! “Call Wilkerson,” says Laura. “They can help you achieve your goals so you’ll be able to move into retirement comfortably.”

Promoted Headlines

Most Popular