Skip to main content
close search
site logo
Dive Brief

Eddie Bauer faces $9.8M tab for data breach

Published May 6, 2019
Daphne Howland's headshot
Senior Reporter
Eddie Bauer storefront
"Eddie Bauer store Canada" by bargainmoose is licensed under CC BY 2.0

Dive Brief:

  • Eddie Bauer has agreed to a settlement with Iowa financial institution Veridian Credit Union to dispense with a class action lawsuit over a 2016 data breach, according to documents filed in the U.S. District Court for the Western District of Washington. In all, the company could expend some $9.8 million, according to the documents.

  • The outdoor apparel retailer will pay a minimum of $1 million and a maximum of $2.8 million in settlement distributions, plus up to $2 million to cover attorney fees and other costs, according to the filing. The retailer also expects to spend approximately $5 million taking steps to ensure that its payment and cybersecurity systems are safe, according to the agreement.

  • While the cost of settling the matter is steep, the retailer admits no wrongdoing, according to the filing. Eddie Bauer didn't immediately return Retail Dive's request for comment. Veridian confirmed that the matter was settled but declined to confirm details.

Dive Insight:

Retailers represent a significant share of the businesses that accept payments from consumers electronically, and a breach wreaks havoc on customers' personal and financial information, not to mention a retailer's own reputation.

U.S. retailers have the dubious distinction of being among the entities that suffer the most in this area, and the problem has worsened rather than improved, according to a study last year from data security solutions​ firm Thales eSecurity. That research found that U.S. retail data breaches more than doubled since the previous Thales report, rising to 50% in 2018 from 19% in a 2017 survey. The global average of retail executives reporting data breaches was 27%. Of global retailers, 60% reported at least one breach. U.S. retail was the second most breached segment analyzed by Thales, trailing the U.S. federal government only slightly and ranking ahead of healthcare and financial services.

Yet data breaches in retail continue. Neiman Marcus last year paid a $1.5 million settlement over a previous year's breach, a 2017 attack at Hudson's Bay banners was deemed among the worst ever, Nordstrom last year suffered a breach affecting its employees and Amazon reportedly dealt with a customer cybersecurity issue last year.

The situation suggests that retailers may not be taking enough proactive steps to prevent such problems. 

"Today, data breaches and data regulation are constantly in the news cycle. To avoid their own fifteen minutes of infamous fame, organizations of all sizes should ensure their technology partners conduct a [System and Organization Controls] audit to ensure they securely manage data," Roland Gossage, CEO of e-commerce solutions company GroupBy Inc., said in comments emailed to Retail Dive. Compliance demonstrates company data security, he said, but there are also "significant practical benefits of working with a partner that is compliant, including a more streamlined audit process, stable operational rigor and access to greater service provider information. Developing a formalized process to assess risk can ensure that retailers maintain their consumers’ trust and loyalty."

Editors' picks

Company Announcements

View all | Post a press release
OluKai Opens First East Coast Location at Disney Springs, Florida
From OluKai
November 21, 2024
Guinness is the top beer among high earners: YouGov report
From YouGov America
November 19, 2024
Aroma Retail Supports Exponential Ecommerce Growth with Descartes Parcel Shipping Solution
From Descartes Systems Group
November 04, 2024
New report profiles America's biggest Christmas gifters
From YouGov America
November 14, 2024
Editors' picks
Latest in Operations
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell