Comments on: Sears Credit Card Problem Shines Light On Marketing Data Madness

By: jac

jac — Thu, 01 Apr 2010 16:53:27 +0000

Sears just sent me a $32.00 membership fee ON A CARD I CANCELLED 6-YEARS AGO!

They had also checked my credit score every month over the past year before doing so.

After many calls to them, they first cancelled the card and then issued me a new one (with a new number and same membership fee), claiming that because I said “it was a FRAUD”, that it was automatic. I again had to cancel the new card.

They calaim they had no idea “who” issued/opened my old-cancelled card.

I SMELL A RAT AT SEARS.

By: Manish

Manish — Fri, 06 Nov 2009 08:13:05 +0000

Thousands of Sears consumers this month started receiving letters inviting them to join in a class-action lawsuit against the retailer, all because of a charge that Sears shared consumer payment card data (name, address, telephone number and scrambled or unscrambled credit card number) with a marketing partner without authorization.

To be clear, the credit- and debit-card data sharing that Sears is accused of sharing happened between Sept. 9, 1995, and June 22, 2001, long before PCI even existed. But such a thing could never happen today, in our PCI-compliant environment, right? Think again, Breach Boy.

By: ANZ credit card

ANZ credit card — Tue, 15 Sep 2009 08:24:56 +0000

So if this kind of problem happened before then why nobody did anything to prevent it from happening again? those credit card data that Sear got and shared without permission could be stolen by anyone and would make an abundant source of information for identity thieves.
As a credit card holder, I never felt so vulnerable until now.

By: Ron

Ron — Fri, 29 May 2009 16:43:01 +0000

Sears right hand continues to do what its left hand doesn’t know about. We had a problem just last week. Sears marketing sent us numerous e-mail sale notices. When we tried to make a purchase, we found credit department had canceled our card because we don’t use it “often enough.” Guess what? The sale e-mails keep coming. With this lack of coordination and self-created barriers to customer service does Sears management truly expect to stay in business?

By: David

David — Thu, 28 May 2009 19:26:25 +0000

Sears was operating under the guidelines that were in place in the 90s. As a service provider to Sears I know first hand that Sears errors on the side of safety when it comes to privacy and PCI compliance.

Is it a question of integrity? I don’t think so. At its core Sears is not malicious.

Do people make mistakes? Absolutely. As the article states, how often is marketing involved in PCI discussions and visa versa?

This is just another frivolous lawsuit. The holes have already been closed. There is nothing to be gained from this lawsuit.

By: tish

tish — Thu, 28 May 2009 17:22:32 +0000

Sears was caught doing this type of thing in the 90s, so why is this news? They had shared information with an insurance partner who, when we were out of town, charged us for an insurance policy we never talked to them about.

This is a corporate culture problem where at the core of the company there needs to be integrity. Sears has been without that for a long time.

This is more of an information security role that should be internal to the IT department. Many companies don’t see the value in that either.