Borders investigates whether customers' personal information was revealed on website
UPDATE 10:56 a.m. April 26: Some Borders Rewards customer names, email addresses were exposed, company says
Ann Arbor-based book store chain Borders Group Inc. is investigating whether any of its customers' personal data was exposed on a website that apparently contained information about its loyalty program.
File photo | AnnArbor.com
It was not immediately clear how long the website was live, how the information may have become public, or whether any information was inappropriately distributed.
Borders spokeswoman Mary Davis confirmed in an email that the website had been taken offline and is "no longer accessible externally."
"We take the security of our members' information very seriously and are currently investigating the situation," she said.
She declined to comment further.
A spokesperson for Brierley+Partners was not immediately available to comment.
The incident also comes as major corporations are increasingly struggling to dodge external ploys to gain access to customer data. Earlier this month, a company called Epsilon, which manages email marketing for major retailers like Best Buy and banks like JPMorgan Chase, announced that the names and email addresses of millions of customers may have been stolen. Borders was not on the list of companies affected by the Epsilon breach, however.
The blog run by Borders workers and ex-employees published a post Saturday about the website that may have contained the Borders Rewards information.
The original poster, claiming to be a former Borders employee who left the company "many months ago," claimed to have "pointed out this security flaw to my manager, district manger, customer support" and through an internal communication system to the company's president.