Chuck I've Been Schwab'd

Last week I received the following letter from Charles Schwab that they had lost a computer that contained unencrypted personal information including my name, social security number and account number. Given that I've got a few accounts at Schwab all associated with my name and SSN, let's assume they lost them all.

Click the images to see the letter.

How nuts is this? Another year and another supposedly high tech firm can't handle basic technology protocols like storing customer information on a server in a data center and if they need to store it on a laptop or desktop, then encrypt it so it can't be read.

And Schwab's letter? This obviously wasn't written by the folks who do the Talk to Chuck campaign.

1. "You may have been impacted..."
   No. I was impacted. Not may have been impacted. Someone has my personal info and it's Schwab's fault. I now have to monitor my credit reports once again.
   
   
2. "... a recent data incident."
   No. This was a process incident. It was a control incident. It was a security incident. Data was involved. But it was not a data incident.
   

And the line that really puts Charles Schwab in the leagues of Companies Acting Badly:

"It doesn't appear that the theft of this computer hard drive was intended for fraudulent purposes or identity theft".

Really? How do the braniacs at Schwab know the robber's intent? Have they spoken to them? Schwab can't monitor my credit reports so how would Chuck know if someone now had fraudulently taken out credit in my name? Even if Schwab could monitor my credit (which it can't) how would they know if a new credit card was taken out by me or fraudulently by someone who had stolen my SSN off their computer? Schwab can't and this line is useless and insulting.

Perhaps Schwab hired the same brilliant lawyers who helped BNY Mellon write that "we have no reason to believe your information has been or will be accessed or misused".

I checked Schwab's site to find their policy on personal information and found that they may have violated their own rules (click here to see their policy). According to Schwab, they "take steps to protect you from identity theft", including:

• using firewalls and encryption technology to protect personal information on our computer systems;
• training our employees on privacy and security to properly handle personal information about you.

Not quite a shining Chuck moment.

I tried calling the phone number Schwab gave in the letter and it was evident that this person and their supervisor were reading a script. In short, they didn't know when the theft occurred but could tell me it was in 2009 and they offered me a key fob random number generator to make my sign on to Schwab more complicated.

E*Trade and TD Ameritrade are offering me 25,000 frequent flyer miles to move my accounts. Will they have any better security over my personal info?

Charles Schwab joins IBM, Intuit and BNY Mellon as Companies Acting Badly for managing to lose my social security number and other personal information.

Stick it to Learning Express

Anything that would drive customers away from paying high prices for items at your store would seem like a dumb idea for a franchisee, especially in this economy. Learning Express of Westport, CT must either be flush with cash or have a lot to learn as they just ensured that I will not return and encourage my friends not to shop there.

What brought this about?

First some background. Learning Express sells many of the same toys (like Lego) that you'll find at Toys R Us, just with higher prices and a smaller selection. Why pay higher prices or have less choice? They wrap toys with Learning Express gift wrap and affix a from/to sticker to the outside so you can write the name of the birthday child and your child who gave the gift. We've been shopping there for 6 years.

Back to today.

My son recently received multiples of the same birthday gifts at his party. We returned a couple of toys to Learning Express of Westport and got a credit a few weeks ago. So far so good. We used the credit to purchase gifts for upcoming other kids' parties. The total was more than our credit so we paid the difference in cash. So far so good for us and Learning Express.

Until it came time to affix the from/to sticker. They wouldn't do it. That's right. The franchisee wouldn't put a 1 cent sticker on the toy because he said he had to spend too much time wrapping gifts. He won't affix a from/to sticker if you used a credit.

Dumb.

Stew Leonard's has a rule - the customer is always right. Learning Express' rule should be something like - for a penny, I'll lose a customer.

Learning Express joins the ranks of Companies Acting Badly for encouraging its customers to shop elsewhere, for making the exchange process cumbersome and for losing a customer over a 1 cent sticker.