PR Nightmare for Apple and Home Depot: Fancy Footwork Needed After Hacking Attacks

GTY apple2 kab 140903 16x9 608 Apple (AAPL), Home Depot (HD) Tread Lightly on Hacking Attacks

                       (Photo Credit: Michael Nagle/Getty Images)

From my MorningMoneyMemo at abcnews.com

Don’t blame us. That’s what Apple is saying in a very carefully worded statement about the hacking of nude photos of celebrities.

“None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone,” the company says.

OK. But if any weaknesses or bugs in Apple’s cloud-based systems were to be found, it would be a major embarrassment. The attacks come less than one week before Apple shows off its new iPhone.

“After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet,” Apple said in a statement. “To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification.”

Apple says the hacking attack involved user names, passwords and security questions of specific celebrity iCloud accounts.

ABC News’ Alex Stone reports: “In 2012, a Florida man admitted to – and was sent to prison for – hacking into celebrity email accounts and stealing nude photos,”

“He would get a celebrities’ email address and then click Forgot Password on the email welcome screen. When prompted to answer security question – like a mother’s maiden name – he was able to find the answers online and then gain access.”

Home Depot is also dealing with what could be a massive hacking attack.

The No 1. home improvement retailer says “we’re looking into some unusual activity.” The company is working with banks and law enforcement, including the Secret Service, after a probable credit card breach.

“Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point,” a spokeswoman said.

Hackers have broken security walls for several big retailers in recent months – including Target. The rash of breaches has rattled shoppers’ confidence in the security of their personal data and pushed retailers, banks and card companies to increase security by speeding the adoption of microchips into U.S. credit and debit cards.

Supporters say chip cards are safer because, unlike magnetic strip cards that transfer a credit card number when they are swiped at a point-of-sale terminal, chip cards use a one-time code that moves between the chip and the retailer’s register.

The result is a transfer of data that is useless to anyone except the parties involved. Chip cards are also nearly impossible to copy, experts say.

The possible data breach at Home Depot was first reported by Brian Krebs of Krebs on Security, a website that focuses on cybersecurity. Krebs said multiple banks reported “evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards” that went on sale on the black market.

The breach may have affected all 2,200 Home Depot stores in the United, Krebs says. Several banks that were contacted said they believe the breach may have started in late April or early May.

“If that is accurate — and if even a majority of Home Depot stores were compromised — this breach could be many times larger than Target, which had 40 million credit and debit cards stolen over a three-week period,” the Krebs post said. Krebs said that the party responsible for the breach may be the same group of Russian and Ukrainian hackers suspected in the Target breach late last year.

It’s an open question whether repeated reports of hacking will change consumer behavior. Periodic cases fuel outrage, but there’s no retreat from digital engagement or any imminent promise of guaranteed privacy.

“We have this abstract belief that privacy is important, but the way we behave online often runs counter to that,” said author Nicholas Carr, who wrote the 2010 book, “The Shallows: What the Internet is Doing to Our Brains.

“I’d hope people would understand that anything you do online could be made public,” Carr said. “Yet there’s this illusion of security that tempers any nervousness. It’s hard to judge risks when presented with the opportunity to do something fun.”

Richard Davies Business Correspondent ABC News Radio abcnews.com Twitter: daviesnow

Advertisements

Will Gift Buyers Change Their Minds About Shopping Online?

AP amazon center tk 131216 Online Shopping Surge Causes Christmas Gift Delay

A busy Amazon distribution center, just before Christmas. AP Photo.

This year may have been the tipping point for online sales, and that’s a big reason why UPS and FedEx were overwhelmed by delivery problems just before Christmas.

Both shipping firms faced customers’ complaints about delayed gifts. UPS spokeswoman Natalie Black admits “demand was much greater than our forecast,” adding “we are sorry.” Shippers said bad weather also contributed to the delays.

This year has seen a surge in online shopping.  According to IBM Digital Analytics, online Thanksgiving weekend sales jumped about 15 percent compared to 2012, and the Christmas week increase may have been greater.

Amazon, Walmart and Kohl’s were among the retailers that missed some target delivery dates. While online sales soared, foot traffic was down at many brick and mortar stores. Amazon says its customers who did not get their goods delivered on time would get a $20 gift card.

The day after Christmas is usually the busiest of the year for returns and shoppers who buy things with gift cards. “The most common things that are returned are toys,” says Travis Preston, manager of a Super Target in Shawnee, Kan.

“You know it’s just that day and age where people want it and they want it now and they want it quickly to the point where multiple family members bought the same thing for the same child.”

Preston’s advice to shoppers with returns is that if they want to get fast service bring a receipt. “It’s one scan for our team member and we can get you in and out in a couple minutes.”

Headaches at Targets are even more intense than for most retailers. Reuters reports the hackers who stole data on up to 40 million credit and debit card accounts also obtained encrypted PINS – personal identification numbers. Target says it has no reason to believe PIN data was stolen.

The company says it is aware of “limited instances” of scam emails, where fake emails have been sent to customers. Target says it is creating a section of its website to contain copies of Target’s official communications.

Shipping stuff may get even more expensive soon. Postal regulators have approved a temporary price hike of 3 cents for a first-class stamp, to 49 cents a letter. Other rates will also rise. The Postal Service is losing billions of dollars a year.