Vera Bradley recently got a visit from the FBI, but it was not to purchase one of their colorful diaper bags.
Instead the FBI came to tell Vera Bradley that they had been hacked.
Between late July and late September, hackers were busy at work inside Vera Bradley’s 112 stores and 44 factory outlets – or at least in the payment processing system that processes credit card transactions from those stores. The web site was not affected.
The good news in this, if there is any, is that the FBI detected it within 60 days. The FBI has been making a LOT of house calls lately and while that may cause many CEOs to sweat profusely, I say good for the FBI. To the degree that hacks are detected and detected quickly, it will discourage hackers, even if the bad guys are not caught. After all, their motivation is profit and if we can stop the bad guys in their tracks and reduce the life expectancy of their evil intentions dramatically, then we win, even if we don’t catch the bad guys. Who is going to go to the trouble of hacking a payment system if the life expectancy of the stolen cards is, say, 3 days.
The bad news is that an unknown number of credit cards were compromised including names, card numbers, expiration dates and verification numbers.
From the consumer’s standpoint, while these breaches are a pain in a certain body part, they are, in the grand scheme of things, not a big deal. I replaced three credit cards this week alone and I am still alive (full disclosure: only one was due to being hacked).
For consumers, a much bigger problem is healthcare information hacks, because you can’t replace your medical history with a new one and if that data gets polluted with someone else’s history due to medical ID theft, you could die – literally.
For businesses, the bigger problem is theft of intellectual property, whether it is new product information, customer lists, bids and proposals or other IP – there is no way to put that genie back in the bottle.
Vera Bradley says they have a lot of insurance – not to worry – and I will take them at their word. Hopefully, once the figure things out, the number of cards stolen will be relatively small.
Still, they could easily have to deal with lawsuits for years to come, so they shouldn’t underestimate the impact.
They have already said that they are going to delay the overhaul of their web site, which could affect Christmas sales, to work on security. Painful, but if customers think it is not safe to shop there, I don’t care how cool your web site looks.
Information for this post came from Reuters.