Jose Pagliery for CNN Money (August 15, 2014) in an article entitled: “Albertson’s stores hacked for credit card data,” has just informed me that the following stores have just been hacked: Albertson’s Acme, Jewel-Osco, Shaw’s and Star Market supermarkets, as well as SuperValu’s Cub Foods, Hornbacher’s, Farm Fresh, Shop ‘N Save and Shoppers Food & Pharmacy.
It seems that not only was your credit card number stolen, but your three digit pin-code was taken as well. Oh yes, your name and even your card’s expiration date.
According to the article:
“The extent of the damage isn’t yet clear, and the grocery chains haven’t yet said how many customers might be affected. SuperValu said it knows hackers broke into the computer network that processes card payments, but it’s unsure whether they managed to take the data…SuperValu and Albertson’s share the same technology system that was attacked. It’s unclear which store or stores was hit first. SuperValu said the security hole has been plugged and customers can now safely use card swiping terminals at its stores.”
A whole spaghetti pot of questions
As I begin to explore this a bit, I am reminded of a statistic: In 2014, more than half of all Americans were hacked. It is very, very serious and chances are, if you think you might have been “hit” you probably have been hit.
My comments begin with a simply question: “What is owed to us ethically?”
Articles throughout the media have informed us that the security breach began in mid-June and went through mid-July. The security breach began two months ago. I am not an IT genius, I am the first to admit that, but it would seem that someone within the infrastructure of all of those chains might have smelled some rotten cheese at some point. Am I to infer from the article that the first day they knew of the security breach was August 15, 2014? What was owed to me ethically during those 60 days?
My second simple question: “Where is the public apology?”
I have asked this question before, but where is the CEO or Chief Apology Officer or even carefully crafted corporate public relations letters that use words such as “deeply regret?” Or are we to get used to hacking as business as usual? Are we not owed something? I am not talking about free drinks at the deli counter or 50 percent off on pound cake, but how about a heartfelt campaign to reach out to Little Old Me as a long-time, faithful customer?
The third question involves “arrogance.” We are told that the security “hole has been plugged” and that everything is fine. Suppose it isn’t? Do all retailers owe us a simple warning by the check-out whenever we slide our credit cards in those little slots? Something like:
“Dear Customer, though we make every effort to keep your credit card information safe and secure, there is always the possibility that someone in Russia or China or West Nyack, New Jersey, is now buying a potted plant using your credit card number.”
But we know that will never, never happen. It seems as though we are all on our own and good luck with it – and that really bothers me.
I might draw an example from the airlines. The airlines have always been reluctant to recognize the rights of passengers. However, after thousands upon thousands of us have been stranded on planes for hours without recourse, our beloved politicians finally stepped up and help us to craft legislation that would reward us in case we were stranded on the tarmac for hours at a time.
Why not a retail customer bill of rights? Shouldn’t retail customers have the ability to protect themselves in case their information is stolen and used against them? If I shop in a grocery, and through no fault of my own, my information is stolen, should I not be entitled to something? If nothing else, this type of legislation could prompt more and more retailers to work together to identify and improve their security systems.
Ethically, everyone who trusts the security of their favorite store should in turn demand that those retailers respect that trust. So far, I’m not seeing it.
YOUR COMMENTS WELCOME!