Most retailer breaches are not disclosed, Gartner says

Most retailers do not disclose data breaches after they happen, Gartner says.

While nearly half of U.S. retailers have been hit with some kind of information security attack, only a small percentage of them have actually reported breaches to their customers, research company Gartner reports.

In a new study based on interviews with 50 U.S. retailers, Gartner found that 21 of them were certain they had had a data breach. However, just three of the retailers had disclosed the incident to the public.

The small number of retailers in the survey make it impossible to draw any firm conclusions from the data, but it does underscore a noteworthy trend, said Gartner analyst Avivah Litan. "Sensitive data is being stolen and most of the time it's not being disclosed," she said. "There are a lot more breaches than we hear about."

Many states now have laws that require that consumers be notified when their personal information is compromised, but the bad publicity that results from such disclosures has made retailers reluctant to make them, she said. "They see what happens to companies like TJX and Hannaford and they don't want to call attention to themselves unless they need to."

Litan didn't know whether the retailers had broken state laws by not informing their customers of the breaches, but she said it was a possibility. Some of the breaches may have happened before applicable state laws were in effect.

In 2006, data thieves were able to get access to an estimated 94 million payment card numbers by hacking TJX's computer systems. The retailer has set aside a US$107 million reserve fund to cover lawsuits from credit card issuers that stem from the breach. At the Hannaford Bros. supermarket chain, criminals stole an estimated 4.2 million account numbers after computers there were hacked. That breach was disclosed in March.

Gartner counted phishing attacks and data compromises at third parties as breaches, along with lost or stolen laptops, insider breaches and computer hacking attacks.

Litan said four of the retailers had been fined by credit card companies for not meeting Payment Card Industry (PCI) compliance requirements. Another 11 were threatened with fines for noncompliance.

Data breaches at retailers are the top cause of credit and debit card theft, accounting for about 20 percent of all incidents, Gartner said.

And this type of crime is not going away. Credit card companies predict that payment card fraud rates will double over the next two years, the research company said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?