Misc

Alright, something needs to be said here. What the hell is up with Sears lately? A company that has, for the most part, stayed out of the news has suddenly found itself in a lot of hot water.

Awful Marketing released a story today indicating that Sears has shut down the part of Manage My Home.com that allowed anyone to gain information about the purchase history of virtually any person who had shopped at the store.

However, it looks like it might have been a little too late. According to the Washington Post blog a class action lawsuit was brought against the retail giant in response to their huge oversight of their own privacy policies.

Here is the response that Sears had:

“We take our customers’ privacy concerns very seriously. As a result, we have turned off the ability to view a customer’s purchase history on Manage My Home until we can implement a validation process that will restrict access by unauthorized third parties.”

“Turned off the ability … until we can implement a validation process”? Something smells like male bovine feces to me.

As a web developer, I look at this statement and the first thing that comes to mind is: they wanted it cheap, quick, and now. Handling login and registration processes to keep information secure is a huge part of creating an interactive website. My gut feeling is that somewhere along the way one of the developers probably suggested that they create a secure way to access the information available. Including a sign-in or maybe even a registration (*gasp*). However, somewhere along the way, someone said to that developer: “Well, yea, that’d be great. But how much longer will that take us and how much will it cost?”

Ultimately, the bottom line was the victor for Sears. They could push their website out the door and show people just how cool it was to be able to access information about their previous purchases. I can almost see one of the executives of Sears sitting there in Hoffman Estates sipping on a $250.00 glass of single malt scotch in their $10,000 leather chair guffawing to himself because they got their new website out so quickly and with so little cost.

Well Sears, people are starting to pay attention. This is evident by the current downward slope of their stocks that has occurred as a result of these privacy hacks.

The worst part is: this isn’t the only thing that Sears has done to destroy its reputation in the realm of consumer privacy. Within the past week or two, Sears has also been in the news for the spyware installation that occurs when joining the Sears/K-Mart community. This includes, but is not limited to the transmission of bank logins, browsing history, and so on. More information about this can be found in the CA Security Advisor Research Blog.

Although it may just be a case of coincidence, this writer finds it hard to ignore that these blatant ill practices in terms of their consumer privacy policies come just days after the former head of the company, Edward Brennan passed away. Could it be possible that this person, whose family had worked for Sears for generations, was holding the beast back from chomping on the privacy of its consumers?

Or, has Sears really just decided that they no longer care about the consumer and jumped on the bandwagon of money before people, always?

In either case, I have decided that there are too many other stores out there just like Sears, and frankly, they deserve my business more.

  • shld

    Sears spent millions with a crappy design shop developing that fluffy little website, believe it or not. They knew about the secruity concerns and did nothing which was a huge miss on the part of the head of the department.