Connect with us

Headlines

Retail Jewelry Giant’s Customer Data Was Exposed in Leak

The problem has since been fixed.
mm

Published

5 years ago

on

Order information for customers of some Signet brands may have been exposed in a leak, KrebsOnSecurity reports.

A customer reported the security weakness to the security-focused publication. The customer, Brandon Sheehy of Dallas, “discovered that slightly modifying the link in the confirmation email he received and pasting that into a Web browser revealed another customer’s order.” That included a variety of personal information, including name, address and last four digits of credit card.

The Business of Jewelry Podcast Special Edition
Jimmy Degroot

The Business of Jewelry Podcast Special Edition
Video: Why Jewelry Retailers Need to Do Outreach
Jimmy Degroot

Video: Why Jewelry Retailers Need to Do Outreach
New ‘The Business of Jewelry’ Episode Looks at Consumer Loyalty and Other Topics
Jimmy Degroot

New ‘The Business of Jewelry’ Episode Looks at Consumer Loyalty and Other Topics

“My first thought was they could track a package of jewelry to someone’s door and swipe it off their doorstep,” Sheehy told KrebsOnSecurity. A variety of other scams might be possible with the information, he surmised.

Sheehy said he contacted Signet, whose brands include Jared, Kay and Zales, about the problem. It was then apparently fixed for all orders going forward, but not for past orders.

Scott Lancaster, chief information security officer or Signet, said the problem has now been fixed for past orders as well.

The issue “affected only orders made online through jared.com and kay.com” and not the company’s other brands, KrebsOnSecurity reports.

Advertisement

Read more at KrebsOnSecurity

Related Topics:

click to Comment(Comment)
Advertisement

SPONSORED VIDEO

When There’s No Succession Plan, Call Wilkerson

Bob Wesley, owner of Robert C. Wesley Jewelers in Scottsdale, Ariz., was a third-generation jeweler. When it was time to enjoy life on the other side of the counter, he weighed his options. His lease was nearing renewal time and with no succession plan, he decided it was time to call Wilkerson. There was plenty of inventory to sell and at first, says Wesley, he thought he might try to manage a sale himself. But he’s glad he didn’t. “There’s no way I could have done this as well as Wilkerson,” he says. Wilkerson took responsibility for the entire event, with every detail — from advertising to accounting — done, dusted and managed by the Wilkerson team. “It’s the complete package,” he says of the Wilkerson method of helping jewelers to easily go on to the next phase of their lives. “There’s no way any retailer can duplicate what they’ve done.”

Promoted Headlines

Most Popular