[BreachExchange] How Saks and Lord & Taylor's CEO Dealt With a Massive Data Hack a Month Into Her Job

Audrey McNeil audrey at riskbasedsecurity.com
Thu May 17 18:01:23 EDT 2018


Sometimes there’s nothing like a little trial by fire.

After 25 years at CVS, Helena Foulkes was named CEO of Hudson’s Bay
Corporation, the parent company of retailers such as Saks Fifth Avenue and
Lord & Taylor, in February. But she didn’t exactly get a chance to ease
into the new role: A month into her tenure, hackers claimed they had gained
access to five million credit and debit card numbers of HBC’s customers.

“It brought our team together,” Foulkes said in her first interview as HBC
CEO at a Fortune Most Powerful Women dinner in New York City Monday
evening. She held regular calls with her company’s top leadership—including
on Easter Sunday—to discuss next steps. The strategy appears to have paid
off, as she says the FBI later told her that HBC had “the fastest response
to a breach they’ve ever experienced.”

Foulkes’ first steps to contain the hack? “Sharing as much as we could say
with confidence” with in-store associates, who are the ones communicating
with shoppers, she said. The company also provided customers with a hotline
and free credit monitoring support.

In short, the company did “all the things we could do to say we’re here for
you and we’ll have your back if something happens to you,” said Foulkes.

The response was in line with the five principles the CEO said she is
implementing at the company: 1) Think like a customer 2) Have an action
orientation 3) Focus on game-changing initiatives 4) Be inclusive 5)
Measure results.

Though the CVS veteran is a newcomer at the company, Foulkes said her
executive team is open to change: “They’ve really embraced me and allowed
me to move fast.” That attitude comes, in part, because “the company knows
it needs a turnaround.”

Like other department store operators, HBC has seen sales decline as
shoppers’ spending habits change. Yet the company has taken some radical
steps to improve the business—including launching a Lord & Taylor store on
Walmart.com and partnering with coworking company WeWork. Foulkes says
those experiments helped convince her to take the job as chief.

“I like radical thinking,” she told the Fortune audience. “That signaled
that this is a company that’s willing to think differently.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180517/a4929603/attachment.html>

More information about the BreachExchange mailing list