Breach, Compliance Management, Data Security, Privacy

Saks Fifth Avenue leaves customer data exposed

Saks Fifth Avenue reportedly exposed the personal information of tens of thousands of customers in plain text on publicly accessible pages.

Email addresses, phone numbers and product codes were reportedly exposed and have since been taken offline after Buzzfeed News alerted Canada-based Hudson's Bay Company (HBC), the digital division of the brand's owner that is responsible for maintaining the online shopping site.

The report also noted that the Saks website serves some unencrypted pages to customers who are logged into the site leaving their information vulnerable if they were to browse the site on a public Wi-Fi network.

An HBC spokesperson told SC Media that it takes the matter seriously and that “The security of our customers is of utmost priority, and we are moving quickly and aggressively to resolve the situation, which is limited to a low single-digit percentage of email addresses. We have resolved any issue related to customer phone numbers, which was an even smaller percent.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.