The Fraud Examiner

Fraudsters Make Data Theft Big Business
 

September 2014

By Scott Patterson, CFE


Those who work, shop or just like to wander in the gilded aisles of Saks Fifth Avenue department stores know just what the Manhattan-born retailer represents: Luxury. Status. The very best apparel, jewelry and sundry other merchandise money can buy. So when a ring of employees from a Saks Fifth Avenue in the Queens borough of New York decided to commit theft using “borrowed” customers’ credit card information, they must have thought to themselves: “Why go anywhere else?”

 

In a case of what the New York Post referred to as “binge shopping,” the crew of six employees obtained the credit card information of 22 Saks customers and spent nearly four months making illicit purchases on their accounts. The data was lifted from the store’s computer system by the gang’s ringleader, who then dispersed the information to sales associates who rang up various items (including, according to the article, hundreds of pairs of expensive shoes). After the employees were caught red-handed on store security video making the purchases, it was discovered that their haul had been worth at least $400,000.

 

While it is reassuring that they were caught – and some might question the wisdom of committing the fraud within their own store (where they could be easily identified on video) – their fraud still amounts to big headaches for the customers who were victimized. They face months and possibly years of dealing with law enforcement, credit card providers and credit reporting agencies. And for the retailer, there is still the challenge of recovering as much stolen merchandise possible – not to mention addressing questions regarding internal controls, employee screening and the protection of customers’ financial information.

 

A Small Part of a Large Concern

The Saks case is relatively small-time compared to what is happening on a more widespread scale in the retail world. The data breaches affecting Target, Neiman Marcus and other companies sent shockwaves due to their scope (in terms of customers affected). The 2013 Target breach, for example, involved information from more than 40 million credit and debit cards. News of the breach dramatically affected customers’ senses of security in dealing with Target, and the retailer’s profits in the fourth quarter of that year fell an estimated 40 percent.



Sign In

Not a member? Click here to Join Now and access the full page.