Sears caught with their hands on your data!
It appears that Fortune 500 company did not learn anything from the Sony/BMG fiasco a few years back. A SearchSecurity.com blog reports that
It seems that Sears, which sells just about everything under the sun, has decided to get into the business too. The retail giant recently has come under fire from a researcher at CA who discovered that Sears’ Web site installs a nifty piece of developed by ComScore on the machines of some people who join the company’s community. The researcher, , describes in great detail on CA’s security blog exactly what the software does, how little notice Sears.com gives users about the program’s capabilities and how much data it collects.
Here is a summary of what the software does and how it is used. The proxy:
- Monitors and transmits a copy of all Internet traffic going from and coming to the compromised system.
- Monitors secure sessions (websites beginning with ‘https’), which may include shopping or banking sites.
- Records and transmits “the pace and style with which you enter information online…”
- Parses the header section of personal emails.
- May combine any data intercepted with additional information like “select credit bureau information” and other sources like “consumer preference reporting companies or credit reporting agencies”.
In other words my friends they have access to everything you do over the net and you won’t even know it. Last time I ever shop at Sears, in person or online, let me tell you.
