A prior post explained the data privacy problems at the Sears.com and Kmart.com sites. In his blog, Harvard Business School professor Ben Edelman documented customer purchase information is exposed by the Sears "Manage My Home" community portal.
There are smart ways to create a community portal for customers. This is not one. Not even close.
It is a particularly bad implementation because it makes it easy for scammers to abuse Sears consumers. And, it makes it easy for thieves to case homes online to decide which homes have the most valuable items to steal. How? Thieves can get a consumer's name, phone number, and address from any online (or print) telephone white page directory.
Also, the ComputerWorld publication reported:
"US retail giant Sears Holdings has taken part of its Managemyhome.com Web site offline following revelations that the site was making customers' purchasing histories publicly available. Sears disabled the site's "Find your products" section on Friday following criticism from privacy advocates, who said that fraudsters could use information provided by the site to scam Sears customers."
Want to learn more? Read about Sears spyware and poor consumer disclosures.