Logically Logo

THREAT FACTOR | EPISODE 5

One Store's
Point-of-Peril

Wrongful credit card charges, frustrating customers,
and a company-wide breach. What more could go wrong?
CJ
CJ
SHUTTER PRO
STORE MANAGER,
DUBLIN OH
LIKES:
Discounts and perks, competitive environments, employee incentives
DISLIKES:
Slow sales periods, complex store policies, inventory issues
JOB RESPONSIBILITIES:
Oversee store operations and
   track sales performance
Ensure customers have a positive
   experience
Identify new market opportunities
   to expand the customer base
Align in-store promotions with
   marketing campaigns

Same Old Song and Dance

I remember I logged onto the computer that first morning—you know, before everything hit the fan—and saw this email from the CEO about our return policy changing to 15 days. I rolled my eyes. Another policy change? That’s not going to fix anything. I skimmed the rest of the email, figured it wasn’t worth the effort to dig into the fine print, and moved on.
Camera and receipt image
Later, a customer came in with a digital camera they had bought 19 days before, trying to return it. I took a quick glance at the receipt and told them they were out of luck. I explained how we had just changed our return policy, and their purchase was past the 15-day window. They started going off on me like it was my fault they didn’t read the policy. “Ugh, I don’t get paid enough to deal with this nonsense,” I thought.
We go back and forth for a bit, but I don’t budge. Our training taught us to uphold the company policy, so uphold the policy I shall. Eventually, they leave in a huff, and I just shrug it off. I’ve seen way worse, and honestly, I’ve got more important things to care about—like counting the hours till I can head home and crack open the tub of ice cream calling my name.

That Was a Close One

That following day was pretty dead, which I was not complaining about. I decided to fill the time by checking my personal emails while munching on some Goldfish crackers (the best snack in the world). As I scrolled through a slew of spam emails, I came upon this email about a fraudulent $200 charge on my credit card.
“What! I know I didn’t buy anything remotely close to that amount recently,” I thought. I quickly called the support number in the email to let them know it wasn’t me. Someone answered immediately and walked me through reversing the charge on my computer.
Of course, a customer walked in right in the middle of this. Great timing, right? I rushed to wrap up the support call while trying to make it not look like a personal phone call—I couldn’t get caught doing that again. The operator then told me everything was fixed, and I let out a sigh of relief. “Thank god I saw that email!” I thought.
As I hung up, the customer was completing her lap around the store and standing at the register. I happily rang her up and watched her excitedly walk out the door with the new DSLR camera she had seen on our Instagram page the day before. Moments like that are what keep me in this job—I love it when I can make someone’s day. After that encounter, I started getting excited about the spin class I scheduled for after work. I knew it was going to be a great way to end the day.

The Ransom Wake-Up Call

The following day was supposed to be my day off, but at 7:30 AM, my phone started ringing. It was my associate opening the store, and she was freaking out. “CJ, I can’t log into the computer! It’s completely locked!” “Great. So much for my plans,” I thought. I threw on some sweats, grabbed my keys, and headed to the store, already regretting that I’d have to deal with whatever this was so early in the morning.
Hacked image
When I got there, the first thing I saw was that ransom note glaring at me from the screen—that one wasn’t in the training manual. Hoping it was just us, I called the Worthington store and found out they were locked out, too. That’s when I found out the whole company was in deep trouble.
Tiredly, I jumped into action to help out my associate for the day. We spent that entire day taking payments by hand and apologizing to customers for the inconvenience. I silently counted the hours until I could get home to my dog and curl up with a good book. 

A Visit From Corporate

The next day, I was back in the store again, helping out with the manual payment processes. I was just trying to get through the day when the Chief of Staff, Wes, and an IT team member named MJ showed up at our store. Hearing them talk through everything made me realize this was much more serious than I thought. They tell us they’re bringing in temporary mobile payment processors connected to our Shopify account and give us a quick tutorial.
I was actually excited about these new devices—they were sleek and easy to use, and I didn’t have to be at the register to check a customer out. “Maybe this ransom thing isn’t all that bad,” I thought.

The Plot Thickens

The atmosphere in the store felt different the next day. I walked in and saw my associate staring at the computer screen with a shocked look on her face. “Oh, gosh. What could it be now?” I thought. As I approached her, she jolted her head around and said, “You’re never going to believe this… That hack? Yeah, it originated at one of the Ohio locations,” she laughed. 
My brain started racing—hold on, we’re in Ohio. I was shocked, and of course, I wanted to know more. Was it Westminster? I always had a bad feeling about their manager. “He’s probably in on it,” I thought.
ShutterPRO on map

Over It Already

Even after my hours of research, I still couldn’t piece together how this could’ve happened. But I guess that’s the thing with these cyberattacks; they sneak up on you when you least expect it—or at least that’s what I’ve read. I just hope that the IT team and higher-ups figure out what they’re doing soon, because this old-school, pen-and-paper routine? It’s not my thing. All I want is to get back to normal, where the biggest headache is a customer trying to return a camera past the return window, not some faceless hacker causing chaos.

Register to be notified when the truth comes out!