Iowa Credit Union Suing Eddie Bauer for 2016 Data Breach

Eddie Bauer would like you to believe “The security of our customers’ information is a top priority,” but a credit union in Waterloo, Iowa begs to differ.

Last August, clothing retailer Eddie Bauer disclosed that it discovered malware on its point-of-sale systems at all of its 350-plus stores. Hundreds of thousands, if not millions, of customers had their payment cards compromised. For more than seven months, debit and credit card payments made at its stores (not online) could have been accessed.

Now Veridian Credit Union is suing Eddie Bauer, accusing them of using lax security standards, which then forced Veridian and other financial institutions to bear the costs related to theft of the information.

The Seattle Times covered the story.

Eddie Bauer, the complaint says, was negligent, and should compensate financial institutions for costs related to reissuing stolen credit and debit cards, refunding unauthorized transactions and other fallout from the breach,” according to the story. The story cites the complaint, which accuses Eddie Bauer of using a system lacking “elementary security measures that even the most inexperienced [information technology] professional could identify as problematic,” the complaint said.

Security researcher Brian Krebs, who is behind the popular blog Krebs on Security, notified the company about the breach on July 5, 2016. When Krebs initially reached out to the company, a spokesperson responded, saying “the company was grateful for the outreach but that it hadn’t heard any fraud complaints from banks or from the credit card associations.”

Six weeks later, a PR person circled back with Krebs.

“That person told me Eddie Bauer — working with the FBI and an outside computer forensics firm — had detected and removed card-stealing malware from cash registers at all of its locations in the United States and Canada.

Read the company’s consumer notification press release here.


Is your business covered for a data breach?

Get Covered

Image: Pixabay