Buttler Schein Animal Health (a Henry Schein company) sent the following notification to customers of their subsidiary, MyVetDirect.com:
We are writing to inform you that we have learned that there was a recent security incident at Butler Schein Animal Health’s systems (MyVetDirect.com) where your veterinarian’s Website is hosted. This incident may have resulted in the unauthorized acquisition of certain personal information about you in connection with one or more orders you placed through your veterinarian’s Website and which were filled by Butler Schein Animal Health. This information could include personal information such as name and address; telephone number; email address; credit card information and numbers; and information relating to your purchase, including billing and delivery information. The incident was promptly reported to law enforcement authorities as well as credit card authorities and credit reporting bureaus, and they are investigating the incident.
You can read the rest of their December 13 notification here, while I mutter to myself about why they stored credit card numbers.
I have been in business for almost 20 years as a Home Based Business. I have chosen the Home Business route and drop shipment of items to same time, heartache and frustrations over a brick and motar store. One of the main reasons I backed off was the use/ ease of use with credit cards. When the business started, we brainstormed; looked forward at the potential issues of stolen credit card information, lease/rent costs, insurance, theft of products, overstock and understocked, a slow enconomy and other issues. In the long run, the “cons” largely outweighed the “pros”. To this day, the scenario seems the same.
Sure we are probably missing out making tens of thousands of dollars a month, but I have to weigh in the amount of grief and misfortunes into that remedy. We are not greedy, and this also equates to caring about the customer and their privacy. We treat people the way we would want to be treated. People who are in it strictly for the money tend to be lax in other areas, and eventually have little to no commitments to customers concerns in the long run.
Don’t get me wrong, for businesses that boom, and services that require face-to-face intervention, there is a valid reason to open a storefront. Just remember to revisit/revalidate the risks associated with the storefront, and all should be fine.
Currently we utilize an on line payment system and it works great. It alleviates us from having to store CC data for long periods of time. We DID do a CC payment gateway for a period of time, but it was another cost that truly was not worth the monthly cost. We now pay a minimal fee, and do not see, nor care to have customers credit cards on file. We keep all client information on a system that is NOT conected to the internet, and is NOT a laptop.
Not all scenarios work for everyone. But the success of a business is to promote the business, ensure the customer base stays happy, information is secure and the people return.