I received a letter today from the folks at Internet Retailer, stating that their customer information had been breached (which would be my information), including potentially my credit card number and e-mail address.
This report has been confirmed on The Breach Blog.
Internet Retailer chose to not report their own breach on their homepage, as of 9/18/2007, 3:12pm PDT.
Interestingly, Internet Retailer has a long history of talking about security shortcomings, telling others what they must do to improve security.
The letter I received does offer an apology, which is appreciated. The letter gives me steps to take to protect my credit information. Internet Retailer does not offer me anything, as a loyal customer, in exchange for a very serious mistake that may significantly impact my life, no discount on a future publication, no free reports, nothing.
Obviously, businesses face tremendous challenges protecting customer information. No business is perfect. Evil seeks to disrupt.
This is a great example for bloggers, vendors and pundits who constantly poke fun at everybody else, those who constantly criticize companies and individuals for their shortcomings. Today, you are the judge and jury. Tomorrow, it may be you that is being judged.