Grinch Alert: Pandemic Holidays Show Heightened Risk of Retail Cyberattacks & Consumer Data Breach
Online Shopping Boom Creates Evolving Niche for Attorneys
As new coronavirus cases surge in all US states, the once-coveted ‘working from home’ dream has become the norm for almost half of Americans. As of today, about 42 percent of all workers are working from home as they continue to rely upon their digital devices to clock in and report to work. Add to this another 33 percent of Americans who are not working and the trend is clear: we are now a work-from-home economy.
But along with the pandemic safety and coziness of walking a few feet from bed to desk, some sinister, digital actors have entered the equation.
This holiday, due to the booming online purchasing economy, with every click you make, there is a higher risk of a consumer data breach and cyberattacks for your favorite retailers.
Cybercriminals are hard at work during this time of the year - November through December - vying to invade both businesses' data networks and consumers’ digital devices to steal data. Now more than ever, it’s time to beef up your security on your personal devices or business network. At the same time, retailers are scrambling to protect their clients’ most sensitive data.
As of November, over 170,000 reports of cyber fraud have already been reported to the Federal Trade Commission (FTC). A TransUnion report shows that in 2018 - 2019 alone, there was a “347 percent increase in account takeover and 391 percent rise in shipping fraud attempts globally against its online retail customers.”
With a blur between work and personal lives firmly rooted in the world economy due to the pandemic and now the holidays, the sheer numbers of about half the world population working remotely is cause for concern, according to numerous experts.
From Bad Bots to malicious automated digital attacks upon retailers, this year’s holiday season is ripe for the criminals’ picking.
Consumers should be aware of attempts by digital criminals to access their information. Some helpful hints include to avoid QR codes; never give out confidential information such as your social security number; and be wary of “site impersonators," created by hackers to mimic actual sites. A common trick cybercriminals use is to create a retailer’s website but spell the URL with one or two misspellings that you may not notice. Once they have your login credentials, they will access your legitimate online account and your confidential information.
As for a retailer’s liability in protecting its customers’ private data secure from cyber attacks, the laws are evolving across the US as attorneys brush up on new digital laws that protect both consumers and retailers. For the legal profession, there is a new niche being created across the US as cybercrime meets the pandemic and the holidays in a perfect storm.
In 2019, California was the first state to enact a law allowing lawsuits by customers against retailers, called the California Consumer Privacy Act (CCPC). Within weeks of it being passed as law, a class-action suit was filed against clothing manufacturer Hanna Andersson and SalesForce.com.
In 2018, the US Supreme Court ruled in a Zappos case that when companies are hacked by cybercriminals, they still may be liable. The overarching theme in this case points to a new reality: customers have the right to sue companies when their data is hacked.
