Stores Aren't Doing A Great Job Of Protecting Customers' Credit Cards

Credit card information is a valuable asset to hackers, but many corporations haven't taken strong moves in order to protect shopper data.

Stores Aren't Doing A Great Job Of Protecting Customers' Credit Cards
Getty Images / Joe Raedle

When hackers stole more than 5 million credit card numbers from Saks Fifth Avenue and Lord & Taylor, it was just another instance of an increasingly alarming trend. Even after years of major data breaches, the largest retail corporations aren't protecting shoppers' payment information.

In the past decade, commercial businesses have overtaken the health care industry as the main target for hackers seeking credit and debit card numbers. In 2017, about 3 in 5 attacks were directed at businesses, and 1 in every 5 attacks exposed credit or debit card numbers.

And as the problem grows worse, many retailers aren't doing much to stop it. In 2014, about 61 percent of businesses stored unencrypted credit card data on their networks. By 2017, that number jumped to 69 percent.

A Saks Fifth Avenue storefront

Card Numbers Leaked From 5 Million Saks And Lord & Taylor Shoppers

A notorious hacking firm was behind the breach.


What's more, many large corporations aren't adapting to major attacks. In 2013, Target was hit with malware that exposed the credit card numbers of 110 million customers. Hackers soon realized they could use the same strategy to get data from other vulnerable companies, like Home Depot in 2014, Wendy's in 2016 and Applebee's in 2018.

And in some cases, the CEOs of those businesses can't say what their companies do to protect data. In the wake of the Equifax breach, congressional leaders asked the company's CEO if it encrypted user data. The CEO admitted he didn't know.