DSW Settles With FTC Over Data Breach

Share this content:
About nine months after divulging a data breach affecting up to 1.5 million consumers, shoe retailer DSW Inc. settled charges with the Federal Trade Commission, the FTC said yesterday.


DSW Shoe Warehouse parent Retail Ventures Inc. said March 8 that DSW suffered a data theft affecting 103 of its 175 U.S. stores. Though the number of consumers affected was not made public, reports cited Secret Service sources that estimated 100,000. Stolen data included credit card information and purchase data. On April 18, Retail Ventures, Columbus, OH, issued a statement based on an investigation of the breach saying 1.4 million credit card transactions and 96,000 check payments were discovered across 108 DSW stores. Security firm Ubizen conducted the investigation, though law enforcement continues to investigate the breach as well. A list of affected retail stores and more information for consumers are posted at www.dswshoe.com.


"Until at least March 2005, respondent engaged in a number of practices that, taken together, failed to provide reasonable and appropriate security for personal information collected at its stores," the FTC complaint against DSW alleged.


According to the FTC, the company created unnecessary risks to data by storing it in multiple files when it was no longer needed; failed to use readily available security measures; stored information in unencrypted files; failed to limit sufficiently the ability of computers on one in-store network to connect to computers on other in-store and corporate networks; and failed to take sufficient measures to detect unauthorized access.


Information obtained from the credit card transactions included names, credit or debit card numbers and purchase amounts. The check transaction thefts divulged checking account numbers and driver's license numbers only. Retail Ventures said the stolen data did not include Social Security numbers, debit card personal identification numbers or addresses, and no Internet or loyalty program data were accessed.


The bulk of these transactions occurred from mid-November 2004 to mid-February 2005, Retail Ventures said. The firm provided the stolen credit card numbers to American Express, Discover, Visa and MasterCard, which alerted the issuing banks. DSW is sending letters to the roughly half of the cardholders for whom it was able to obtain contact information. It also identified about 88 percent of the check customers and is notifying them as well.


Under DSW's agreement with the FTC, the retailer does not admit to violating any laws but agrees to implement comprehensive information security measures and must be audited by a qualified independent third-party security professional every other year for 20 years. The FTC will monitor compliance. The FTC voted 4-0 to accept the proposed consent agreement. The agreement is subject to public comment until Jan. 2 when the commission decides whether to finalize it.


Kristen Bremner covers list news, insert media, privacy and fundraising for DM News and DMNews.com. To keep up with the latest developments in these areas, subscribe to our daily and weekly e-mail newsletters by visiting www.dmnews.com/newsletters


Sign up to our newsletters

Company of the Week

Brightcove is the world's leading video platform. The most innovative and respected brands confidently rely on Brightcove to solve their most demanding communication challenges because of the unmatched performance and flexibility of our platform, our global scale and reliability, and our award-winning service. With thousands of customers and an industry-leading suite of cloud video products, Brightcove enables customers to drive compelling business results.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above