DSW Settles Data Theft Case
Discount shoe retailer Designer Shoe Warehouse, which discovered in March that information on 1.5 million customers had been stolen, has agreed to do more to keep identity thieves at bay, the Federal Trade Commission said Thursday.
In a settlement, the Columbus-based company will put in place a comprehensive security program and have its systems audited by independent experts every other year for 20 years, the government said.
In March, DSW found that credit, debit and checking account numbers of customers in 25 states had been stolen by hackers breaking into the company’s database.
The victims in the DSW case included the FTC’s chairwoman, Deborah Platt Majoras, who received a warning letter from the retailer in June.
In its complaint, the FTC charged that DSW unnecessarily held on to sensitive customer data it no longer needed and stored the information in multiple files, increasing the risks to consumers. Regulators also said the company failed to use adequate or readily available security measures to limit access to its computer networks and to detect break-ins.
Some DSW customers have reported fraudulent charges to their accounts, and others with checking accounts have asked the company to pay the cost of closing accounts and ordering new checks, the FTC said. DSW has been reimbursing some of those expenses.
DSW, a subsidiary of Retail Ventures Inc., said that it did not agree with all of the agency’s allegations, but that the settlement “validates the importance we place on security and brings closure to this matter.”
DSW noted that when the theft was discovered, it took immediate steps to notify customers and put in measures to prevent future thefts. The company said its exposure for losses related to the breach ranged from $6.5 million to $9.5 million.
No charges have been filed and the theft remains under investigation, DSW spokesman Chas Withers said.