The latest consumer privacy slip-up is courtesy of Saks Fifth Avenue, which has left personal information on tens of thousands of its customers basically lying around in plain sight.
The unencrypted, publicly available text information included the email addresses and product codes of items customers had expressed an interest in buying, according to a report in BuzzFeed.
“This is as bad as security gets,” said Robert Graham, a cybersecurity expert and owner of Errata Security, to BuzzFeed News. “Everyone is vulnerable.”
Saks' online shopping site is operated by its corporate parent, Hudson's Bay Company of Canada. The company said it is "taking this matter seriously" and insisted that the unsecure data did not include credit card numbers or passwords.
Hudson's Bay has recently been in takeover talks with Neiman Marcus and Macy's. It is the oldest continually operating retailer in North America, having been founded in 1670.