Signet Jewelers the company that owns Jared and Kay Jewelers has fixed a massive data breach that allowed anyone to view the order information of other customers including a home address and the last four digits of a purchasers credit card according to a Monday December 3 report The problem came to light in the middle of November when a web designer in Dallas named Brandon Sheehy bought a pair of earrings for his girlfriend from Jared online Sheehy found out that when he modified the link in the confirmation email just slightly and pasted it into a web browser he could see another customers order The information clearly showed the customers name shipping and billing address phone number email address all items and total amounts the delivery date the tracking link and the last four digits of the customers credit card number My first thought was they could track a package of jewelry to someones door and swipe it off their doorstep he said My second thought was that someone could call Jareds customers and pretend to be Jared reading the last four digits of the customers card and saying thered been a problem with the order and if they could get a different card for the customer they could run it right away and get the order out quickly That would be a pretty convincing scam Or just targeted phishing attacks Sheehy contacted Jareds parent company Signet Jewelers to report the issue and ask that it be resolved he said but he could still see the info for weeks Scott Lancaster the chief information security officer at Signet said the company fixed the issue for all future orders but until recently didnt fix the issue for past orders When a customer first brought this matter to our attention in early November we fixed it for all new orders going forward Lancaster said But we didnt notice at the time that this applied to all past orders as well as future orders LATEST INSIGHTS Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation thats reshaping the payments and commerce ecosystem Check out the latest PYMNTS report on driving gas pump payments to the C-Store Related Items data breach ecommerce News security and fraud Signet Jewelers Whats Hot