Sears Holdings Corp. is launching an investigation in the wake of cyber attacks on other retail stores. Sears, the retailer run by Edward Lampert, has not revealed any details of an actual attack or security breach.
Sears spokesman Howard Riefs said in a press statement, “There have been rumors and reports throughout the retail industry of security incidents at various retailers and we are actively reviewing our systems to determine if we have been a victim of a breach.”
Riefs added that there has been no information to indicate a breach so far which completely contradicts a report made by Bloomberg News. Bloomberg News, using an un-indentified source, reported that the U.S. Secret Service was involved in investigating a secret breach at Sears. The U.S. Secret Service is remaining quiet on whether or not it is actually investigating a breach at the retailer.
What is known is that the U.S. Secret Service is leading the investigation into last year’s cyber attack on Target and last year’s attack on Neiman Marcus. The Target breach lead to the theft of approximately 40 million credit/debit card numbers and over 70 million pieces of personal data. Neiman Marcus has also faced the harm of a data breach. The luxury retailer had 1.1 million credit and debit cards hacked by malware that infiltrated terminals point of sale systems.
Target, Neiman Marcus and other retailers who have experienced data breaches are attempting to gain back customer support by doing a lot of damage control. Target has offered free credit monitoring and identity theft protection to customers for free for one year as part of its damage control efforts.
The rumor that Sears is investigating a possible security breach may still harm the retailer. Lampert has struggled to make Sears profitable after 28 straight quarters of declining sales. A tarnished image from a potential data breach isn’t going to make shoppers rush out to buy anything from the retailer.
Original reports of the Target and Neiman Marcus breaches made clear that it could take months to confirm that breaches were made, how many victims were affected, and account for what data was stolen.