• Search

Learning from Portland-based ‘Hanna Andersson’ Data Breach

The latest in retail data breaches hit close to home this month with Portland-based retailer Hanna Andersson announcing at the end of January they had been hacked. The breach happened in fall of 2019, between September 16 and November 11, but the retailer has yet to say how exactly the scam was executed.

The news, though unfortunate, is not a major shock. Better Business Bureau Northwest + Pacific has seen a steady uptick of data breaches over the last several years with major names such as Equifax, Uber and Target among recent victims making headlines.

In the case of Hanna Andersson, a somewhat luxury children’s clothing retailer with stores around the country, the breach compromised customers’ credit card information including credit card numbers, expiration dates, security codes, billing and shipping addresses. In short – scammers got full access to customer account information and everything they’d need to commit identity fraud. The hack mainly impacted customers who made purchases on the website during that September to November timeframe.

Not many other details have been released by Hanna Anderson executives yet, though they assured consumers they are working with federal authorities to investigate the breach and improve their cybersecurity.

Still, the incident underlines – again – the importance of businesses beefing up their security features in today’s climate of constant cyber-threats and attacks.

For customers who may have been impacted by this breach, BBB NW+P offers these tips: 

  • Confirm whether your card was involved. At this point, the company that was breached should let you know if your card was compromised. Or you should have heard from the card-issuer itself.
  • Consider putting a credit freeze or fraud alert on your credit reports with the three major credit reporting agencies. This would prevent scammers from accessing your credit report or personally identifiable information.
  • Monitor your credit card statements carefully for at least three months to keep an eye out for fraudulent charges. Or consider canceling that card completely and getting a new one.
  • If you do see a fraudulent charge, report it right away to your bank. Typically, if a cardholder reports unauthorized charges within 60 days, federal consumer protection laws require the merchant or bank to reimburse the customer.

 For businesses, the lesson couldn’t be clearer: protecting customer information is paramount. A data breach means a business has broken faith with its customers and, once lost, trust is difficult to rebuild. So make sure your systems and customer information are secure, check and update safeguards regularly and, if you do experience a data breach, quick and comprehensive information to your customer base allows them to take appropriate action swiftly. For more information on cyber security visit bbb.org.

Leave a reply

Written by Danielle Kane

Is Your Business BBB Accredited?