Nordstrom, an American chain of luxury department stores, has suffered a data breach that affected its employees’ personal information. The Seattle-based retailer stated that the breach compromised a wide range of current and past employees’ data, including names, social security numbers, dates of birth, routing numbers, salaries and checking account details. However, Nordstrom clarified that no customer data was involved.
Nordstrom stated the breach was discovered on October 9, 2018, by its security team and it’s believed that a contract worker at a store in Seattle was responsible for the incident. The worker reportedly handled the employees’ data incorrectly, the Seattle Times reported.
The company notified the victims about the intrusion via emails and is taking necessary measures to prevent the further loss.
“We have no evidence data was shared or used inappropriately,” the company said in a statement. “Out of an abundance of caution, we are notifying our employees, so they can take the appropriate steps to monitor for any potential unauthorized activity.”
“We’re putting additional measures in place to help prevent this from happening again. We have no evidence data was shared or used inappropriately. Out of an abundance of caution, we are notifying our employees, so they can take the appropriate steps to monitor for any potential unauthorized activity,” the statement added.
A survey from security ratings firm SecurityScorecard highlighted how the retail industry often fails to manage critical security processes. The firm analyzed around 1,924 companies between January from October 2017, for the survey. The study pointed out that the retail industry ranked fifth among the major U.S industries, where the bottom performers were the clothing retailers.
The study revealed that there were more poor performing clothing stores than poor performing department stores, car dealerships, food stores, grocery/pharmacy stores, wholesale retailers, office supply stores, and stores selling sports good combined.
