Fashion brand Witchery was forced to shut down its mobile site yesterday after a customer reported a security breach which revealed other shoppers’ personal details.
Customers’ orders and details such as their names and addresses were exposed by a glitch in the ‘track my order’ function.
Mobile site users were able to edit the profile information of other shoppers and see all other orders being processed on the website.
Country Road Group (which owns Witchery and other brands such as Mimco) general counsel Melissa Hennessy told SmartCompany the issue has been fixed and the site is now back up and running.
“There was one complaint made and we looked into it immediately and found the problem,” she says.
“We shut down the Witchery mobile site, but not the whole site. We weren’t able to replicate the problem, but we took the conservative approach and it’s now been fixed.”
Hennessy says it was only a low-level privacy breach, but all security breaches are taken seriously.
“We are level one PCI compliant, the highest standard in the industry which means no credit card data was accessed or exposed,” she says.
“It took a couple of hours to fix … it only impacted a limited subset of customers and it’s been contained.”
Since 2010 there has been a surge in the number of people using their mobiles to shop online and this is the first incident Witchery has had with its site.
Roy Morgan research from earlier this year revealed smartphone shopping has increased by 101% in the past 12 months.
Bricks-and-mortar retailers such as David Jones and Myer have also been trying to harness customer spending by adding ‘click and collect’ options to their online sites to capture online spend while driving customers in-store.
But despite the growth in e-commerce, many Australians are not convinced about the security of online sites.
Roy Morgan research based on 50,000 interviews found 56% of Australians do not feel comfortable giving their credit card details online.
“Even among those who have bought online in an average three-month period, nearly two-thirds say they only buy from retailers they know and one-fifth only buy from Australian retailers,” Roy Morgan chief executive officer Michele Levine said in a statement.
“Within just a few years, smartphones have added another layer of complexity to the scene. While over half of Australians now own a smartphone, less than 7% of them bought online using the phone in the last four weeks – nevertheless this is double the proportion a year ago.”
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.