Are Retailers Doing Enough to Notify Customers of Data Breaches?

Are Retailers Doing Enough to Notify Customers of Data Breaches?

November 15, 2017         Written By John H. Oldshue

Americans have become desensitized to data breaches. When the Target data breach first came to light in 2013, people were in a frenzy—boycotting stores, filing lawsuits, and panicking about the state of their credit.

Fast forward four years, and breaches just seem to “happen.” In September, Whole Foods announced a cybersecurity incident affecting taprooms and restaurants within its grocery store. Two weeks later, Hyatt confirmed a data breach affecting the credit card processing systems at 41 of its hotels. Yesterday, fashion retailer Forever 21 issued a statement notifying customers of a breach at “only certain point of sale devices in some Forever 21 stores.”

What do all of these security incidents have in common? A lack of customer notification. Most retailers will release statements/press releases to the public or post something on their website explaining the nature of the breach, but many times, that is as far as they go. They encourage affected parties to monitor their financial accounts, change passwords, etc., but many do not send letters to their customers letting them know about the incident.

This pushes the burden onto the consumer: watch out for a problem, react accordingly.

Banks, credit unions and payment card issuers typically take a more active approach when notifying customers of a data breach. They will send out letters, cancel/send out new cards, issue new account numbers and even call their customers to let them know about the incident. Perhaps that is why 43% of consumers trust debit and credit card companies with their data security, while only 11% trust retailers with their card information.

If data breaches are becoming a societal norm, it’s important for retailers to find new ways to reach affected parties. For instance, a store like Forever 21 could make an Instagram post letting its 14 million followers know about the card incident, rather than posting it in their newsroom, which is only accessible through a tiny link at the bottom of their website’s homepage. Yes, that would hurt sales and bring more attention to the matter, but consumers will ultimately benefit from the transparency.

The information contained within this article was accurate as of November 15, 2017. For up-to-date information on any of the terms, cards or offers mentioned above, visit the issuer's website. Many of the offers on this article are from our affiliate partners, and may be compensated if you take action with any of our affiliate partners.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Low Interest Card
Top Features : No annual fee; $150 statement credit after spending $1,200 in first 90 days; 0% on Purchases for 12 months and Balance Transfers for 18 months
Featured Balance Transfer Card
Top Features : 0% APR for 21 months on Balance Transfers and 12 months on Purchases; no annual fee, late fee or penalty rate
Featured Bad Credit Card
Top Features : Reports to all three credit bureaus, perfect credit not required for approval
Featured Fair Credit Card
Top Features : All credit types welcome to apply!