Potential Data Breech for J.C. Penney

Jan 23, 2008 11:27 PM  By

Credit card holders of general merchant J.C. Penney Co. are among the 650,000 customers whose personal information may have been compromised because of a lost back-up computer tape.

The credit card data, which is handled by GE Money and was stored in a warehouse run by Iron Mountain, had been missing since October, says J.C. Penney spokesman Tim Lyons. But the general merchant is not yet considering it to be a security breech, since the tape is still missing.

“It’s not technically a breech of data yet,” Lyons says. “There’s no evidence that it ever left Iron Mountain, or that anyone has used it. We’re aware of it though, and the security of our data is very important to us.”

GE Money did not return phone calls to MULTICHANNEL MERCHANT, but Lyons says he was told GE Money has directly contacted every customer that has been affected. J.C. Penney is the only retailer that has been identified, but Lyons says only a “fraction” of the names were linked to J.C. Penney credit cards.

In other J.C. Penney news, the Plano, TX-based company announced last week it will close its call center in Moosic, PA, on March 28. Lyons says 275 jobs will be affected.

Opened in 1988 to handle catalog customer service, “the [Moosic ] call center has been there to take catalog orders, but more of our direct business has migrated online,” Lyons says. J.C. Penney’s Internet order volume, which surpassed $1 billion in 2006, is now higher than its call center business.

Closing the call center is part of a cost-savings initiative for J.C. Penney. “The facility is leased, and it was up for renewal,” Lyons says. The location was also targeted because the bulk of the company’s seven call centers are in the Eastern Time zone, and it wants the locations to be spread throughout the U.S.