Observations 
5
comments

Michaels offers handy DIY solutions for customers exposed in possible data breach

Email  Print Print  

Michaels data breachAnother week, another retailer announcing a possible data breach that could compromise customer data and expose them to the risk of financial fraud.

A few weeks ago, it was Target, then Neiman Marcus (who, like Target, is offering free identity theft protection for a year). This time, the retailer in question is Michaels, which is hands down the best place on Earth to buy assorted sizes of Styrofoam balls and everything you need for scrapbooking your cat’s birthday party.

The company put out a press release on Saturday to let us know it may have suffered a data breach attack and urging customers to take action.

“While we have not confirmed a compromise to our systems, we believe it is in the best interest of our customers to alert them to this potential issue so they can take steps to protect themselves, for example, by reviewing their payment card account statements for unauthorized charges,” said Michaels CEO Chuck Rubin in a press release.

The data breach hasn’t been confirmed yet and how many customers have been affected is still unknown; reached for comment, a Michaels spokesman said the details in the press release linked above are the most current information they have.

Personally, this is happening so often now that I’m kind of getting tired of reading company press releases, so I made a handy word cloud I can just look at whenever this happens:

Data breach word cloud

This isn’t even the first major problem Michaels has had with data security. In 2011 fraudsters tampered with payment terminals at 80 Michaels stores nationwide and stole customer debit card information, which they then used to make lots of fraudulent purchases.

(Full disclosure: My wife is a regular Michaels customer, so between this and the Target data breach, we may as well just start mailing our debit and credit cards to Eastern European hackers and save them the trouble.)

DIY solutions inadequate

In his letter to customers, Rubin writes that if investigators confirm that customers were affected by the Michaels data breach, they’ll offer them identity protection and credit monitoring.

Until then, Michaels generously provides contact information for the FTC and a link to annualcreditreport.com, the site where Americans are legally entitled to receive a free copy of their credit report from the three major credit bureaus. We’re told to “remain vigilant by reviewing your credit reports”  and to “consider placing a fraud alert on your credit file.”

On the plus side, the company is doing the right thing by informing customers about their suspicions rather than sitting on the information and waiting for consumers to start complaining about identity theft, and most of the advice the company is offering is sound.

On the minus side, it’s infuriating to hear another hacked retailer putting the onus for preventing data breach-related financial fraud on customers. Doing so is analogous to me going to Michaels CEO Chuck Rubin’s house while he’s on vacation, unlocking his doors and windows and spray painting “rob me” on the garage in big letters, and then putting out a press release asking him to closely monitor his house to make sure nothing is stolen.

If companies need to process and/or store customer information in order to take debit payments and conduct their business, fine. But once they take possession of your information, regardless of how long they have their hands on it, they bear the responsibility for keeping it safe, and when they don’t live up to that responsibility, they should be the ones who bear the cost of cleaning up the mess.

What do you think? Have you been caught up in a data breach lately? Do you think asking customers to deal with the consequences is appropriate?

(Photo by coolmikeol, used under CC BY/cropped and altered)

(Word cloud made using Wordle)

{ 5 comments, please add your thoughts now! }

Related Posts


RSS Subscribe Like this article? Get all the latest articles sent to your email for free every day. Enter your email address and click "Subscribe." Your email will only be used for this daily subscription and you can unsubscribe anytime.

5 Responses to “Michaels offers handy DIY solutions for customers exposed in possible data breach”

  1. Maureen says:

    Well I did shop at Target and started freaking out the minute I heard of the breach. However, I did get an e-mail from my bank within days that they would replace my debit card and I have since received a new one. I also waited to sign up for the Target free credit reporting for 1 year. I followed all the steps the store said to follow and now have an account with their credit reporting agency, Experien for 1 year.

    I am disturbed by the Michael’s response to their breach. They are stating to watch your annual credit report through freecreditreport.com. However, if you have ever gone to this site, you can only pull your credit report from each company ONCE per year. That will not help if you check it now and 6 months down the road, your ID is finally used. They need to do better, as does all the credit card companies.

    As for now, I will continue to use my debit card, but will use it like a credit card so at least they will not get my pin and wipe out my account. Some day I will have to resort to shopping with cash. That’s probably a good thing as it will curb my spending for sure.

  2. Cindy says:

    Since I don’t shop at Michaels or Neiman Marcus, I’m not sweating too many bullets. So far, my Target REDcard (charge only, not Visa, not debit) is okay. I did the free annual credit reports last week and all is well.

    My current beef is that I’ve tried to sign up for Target’s offer of a free year of monitoring, but cannot get the necessary email back from them containing the code. Per their FAQ, I reapplied using the same email and received a pretty snotty reply that they ALREADY HAVE my request. Still no reply email with the code I need in order to start the monitoring. I’m getting more than a little fed up (and yes, I have double-checked my junk folder, it’s not there either) and am not particularly pleased with how any of these companies is handled their breach/hacked problems.

  3. Alissa Fleck says:

    If people who shop at Michael’s are keen on making cat birthday scrapbooks, maybe this is some sort of natural selection? Just kidding! I would totally do that.

  4. Claes Bell says:

    Cindy: Yes I haven’t tried signing up for the credit protection products yet. I think I will now that you say that just to see how it goes.

    Alissa: Ha! Yeah like I say my wife is a pretty frequent Michaels shopper so it’s all in fun

  5. Rona says:

    This won’t stop me from shopping at either of these stores, but it does worry me a lot. All the information these companies have about us, yet they don’t have the proper security checks in place to protect it. Both my husband and I have the Red Debit card and signed up for the credit protection. That helps, but it’s only for a year. I also wouldn’t be surprised if information also may have been stolen from other companies where they either didn’t know or or never told the public.


Please Leave a Reply
Bargaineering Comment Policy


Previous Article: «
Next Article: »
Advertising Disclosure: Bargaineering may be compensated in exchange for featured placement of certain sponsored products and services, or your clicking on links posted on this website.
About | Contact Me | Privacy Policy/Your California Privacy Rights | Terms of Use | Press
Copyright © 2014 by www.Bargaineering.com. All rights reserved.