With eCommerce constantly on the rise, most consumers have grown accustomed to shopping online and sharing payment details and personal information over the Internet. The average customer rarely puts much thought into the security risks when buying that shiny new handbag from their favourite brand.
However, even large fashion companies aren’t immune to data breaches, hackers, and cybersecurity threats. With the fashion industry becoming an increasingly common target for cybercriminals, the industry will need to invest in digital security systems to protect their customer’s data.
The Tommy Hilfiger Attack
Tommy Hilfiger is one company that learned that lesson the hard way. SafetyDetective’s research lab recently uncovered a significant data breach in Tommy Hilfiger’s database in Japan. The premium clothing brand’s website had received over a million visits in only four months before the breach, leading to a massive theft of consumer names, contact information, and order data, all of which was unencrypted and dated as far back as 2014.
The company was quick to respond to this incident. The PVH Corporation, Tommy Hilfiger’s parent company, shut down the affected servers and sealed the breach.
Other High Profile Fashion Industry Breaches
If a major brand like Tommy Hilfiger was so easily exposed, it begs the question of whether other brands are ill-equipped to deal with cybersecurity threats. The fashion industry, in general, has been prone to cybersecurity attacks in recent months. We found similar incidents last year with other international clothing brands and department stores.
Here are a few examples of other hacks in the fashion industry:
In April of 2018, millions of credit cards were compromised when the Hudson’s Bay
Company (and subsequently its subsidiaries, Saks Fifth Avenue and Lord & Taylor)
suffered a cybersecurity breach.
In June of that year, the login information of thousands of accounts on Bloomingdale
and Macy’s websites were lost.
Even encryption can’t always prevent data theft. In August, the online fashion business SHEIN lost the email addresses and passwords of over 6 million customers, forcing the organization to enlist international cybersecurity firms to sort out the incident.
In September, C&A’s gift card platform was compromised, resulting in the theft of
thousands of consumers’ email addresses and identification numbers.
What Should Fashion Companies Do?
Security prospects for fashion companies may seem bleak from these stories, but there are plenty of strategies fashion companies can employ to minimize their risks.
Know How to Protect Your Data
A common weak point for many businesses is the transaction page. When dealing with your clients’ information online, ensure the data is protected and secure on both ends. Reliable authentication of your consumer’s identity goes a long way.
Be Careful with Third Party Services
Whether your partner company handles payment, fulfillment, or cloud data storage for you, be careful when working with third-party organizations, as any exchange of data opens the possibility for potential attacks.
Remember that you can’t depend on another company for your protection. Make it clear that both businesses are responsible for the data security of your customers.
Develop a Plan
Work closely with a cybersecurity provider to develop a plan. Whether it’s cybersecurity training for employees, properly locking down access to sensitive company data, or learning how to respond to breaches, some preparation time already puts you at an advantage over your attackers. SafetyDetective’s research teams will continue to scan online businesses for vulnerabilities, catching exploits, and mitigating the impact of data breaches to customers and online
businesses.
Author: Felicity Kay
Felicity is Safety Detective’s security content expert and is passionate about all-things internet security.
If you would like to have your company featured in the Irish Tech News Business Showcase, get in contact with us at [email protected] or on Twitter: @SimonCocking
More about Irish Tech News
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at [email protected] now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at [email protected] now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.