As I sit here admiring my Lizsport slip-ons--so stylish and yet so comfortable--and contemplate my Christmas season purchase of black, knee-high boots--so stylish but not quite so comfortable--I can't help but wonder if the thrill of the purchase is worth the risk of personal data theft.Luckily, I haven't bought any of my shoes at one of the DSW Shoe Warehouse stores whose databases were recently breached. But if I had gone shopping in my old hometown of Queens late last year or early this year, where a DSW outlet was affected, I'd probably be a bit panicked now. After all, we're talking about a lot more customer accounts having been affected than DSW first thought--1.4 million, way up from the 100,000 figure initially reported. There's some good news, like the fact that the information stolen on nearly 100,000 check transactions didn't include customer names, addresses, or Social Security numbers, and that no PIN numbers were among the stolen data.
DSW seems to have taken the appropriate steps in terms of promptly calling federal law enforcement and cardholder associations, as well as hiring a security firm to conduct a forensics investigation. There's even a link on its Web site to let consumers know how they can order a free credit report. It's got my respect for that, although something about a horse and a barn door comes to mind here.
It's not clear yet how the information was accessed, but isn't it clear by now that companies have to make security--especially the security of their customer data--a high priority? Lax practices both on securing data and alerting customers' to personal data thefts now are kicking up federal legislation, and I'm not sure that many companies are kicking up their heels at that prospect.