As an ecommerce company, one of your biggest assets is data. You need information to understand who is buying from you, when they’re buying, and why. This help you, of course, to tailor your marketing to each individual consumer’s needs, which then gives the buyer that personal experience they crave. So, what happens when your biggest asset becomes your biggest liability?
When gathering information on your buyers, you make promises that you’ll never use that data for nefarious reasons. Even with the very best of intentions and top-notch security, that data can still be vulnerable to determined criminals. As Target can attest, and has with the latest report regarding their security breach, even the biggest and best companies can lose control of their customers’ information. The retail powerhouse recently announced that 40 million “guests” had been compromised, but the number has climbed to 110 million in recent days.
Target, just as you and any other retail or ecommerce company, relies on their customer information to help shape buyer personas and better understand the psychographic dimensions of their shoppers. Those 110 million people trusted Target’s assurances that the data shared would be safe and thus gave the company permission to use that information.
How Target Used Buyer Information to Dominate
Marketing for Target has recently been, well, on target, since the company underwent a massive makeover in the late nineties. Information from customers likely helped shape the stores into what they are today—discount retailers with quality designer products. With the introduction of social media, Target jumped right on board, providing customer service through the popular platforms like Twitter and Facebook. They didn’t stop there, though. Piggybacking on the popularity of Pinterest, Target started their own “Awesome Shop,” which shares the company’s most-pinned and highest-rated items on a daily basis.
Simply put, the company has definitely been listening to its customers. That data gathered over the years has certainly helped set the department store apart from previous competitors K-Mart and Wal-Mart. We can all agree that data has been Target’s biggest asset, right?
In the Wake of Disaster
But now the company has posted significant losses in the wake of the security breach. During the busiest shopping season of the year, Target posted a 2.5% decline in sales and announced the impending closure of 8 stores around the country. Customers who once went out of their way to shop at Target are seeking out other options, simply because they feel they can no longer trust the retailer.
The data that helped shape Target into a retail powerhouse has suddenly become the company’s greatest enemy. Yes, of course the people who conspired to steal that data are certainly at fault, but the information itself is the more important factor. Customers placed trust in the company, and that trust was broken.
What Have We Learned?
The lesson here, of course, is constant vigilance, as Professor Moody might say. We can’t be too certain that Target practiced relaxed security measures, but it’s certainly possible that the company trusted the technology to do the job without following up on a regular basis to make sure. It might be unfair to suggest that 110 million people had their information stolen because someone was asleep at the wheel. Still, it’s hard to imagine someone getting away with this kind of security breach without first finding a hole in the wall.
Be mindful of the ways in which collecting and utilizing sensitive customer data can be a liability. You must search the wall daily for the holes where criminals might creep in. Consider the many and various ways someone might gain access to the information you possess. If you miss a step, you’re putting your buyers’ trust at risk. If you think it won’t happen to your business, just take a look at how the mighty have fallen.
Make sure that any place you store customer data takes appropriate safety and security measures. It's never a 100% guarantee - after all, the Pentagon can barely keep its secrets these days - but if you don't have the in-house IT security infrastructure to protect customer data yourself, make sure your third party software providers do. Ecommerce companies typically rely on third party providers for shopping cart software, analytics tools, contact management, marketing automation, content management, and a number of other business-critical activities that handle sensitive customer data.
Finally, be sure that your customers understand what data you're collecting and how you're going to use it. Customers are significantly more likely to willingly share data - and continue to buy from companies that require certain data sharing - if they know how it's going to be used. Don't cross over from awesome personalized experiences into creepy privacy violation.
Originally published Jan 20, 2014 2:00:00 PM, updated January 18 2023