Securing your customer data is really only as effective as the weakest link in your supply chain and partnerships. This time, the breach source was from Typeform, a SaaS-based software that builds forms and surveys. Typeform's vulnerability not only affected Harvey Norman, but also Fortnum & Mason, London's famous upscale market.
While companies are not directly responsible for securing their business partners' infrastructure, they are responsible for protecting their customer data. This means going public to their customers about what information might be exposed. While disclosure will affect the company brand, failure to do so can incur fines and result in worse reputation outcomes in the long run.
Luckily, this breach did not contain sensitive information, like passwords or credit card information. However, customers were warned to monitor for phishing or email scams.
Home and lifestyle retailer Harvey Norman has apologized to customers after suffering a data breach through the systems of a third-party website service provider. Harvey Norman operates 13 outlets in the Republic and two stores in Northern Ireland. Its 13th store in the Republic was opened last year after it acquired a 60,000sq ft facility in Tallaght’s Airton Retail Park. The company wrote to customers on Tuesday warning that names, email addresses, and telephone numbers “may have been compromised”. “We wish to alert you to a data breach that has occurred in the systems of a third-party website service provider, Typeform, which has resulted in the unauthorised access to some Harvey Norman data,” it said. Typeform provides survey and online form software which is used on Harvey Norman’s website.