Sak’s Fifth Avenue Credit Card Breach: What to Do if You’re Affected


Toronto company HBC has been pinned down as the most recent company to suffer from a major data breach.

Sak’s Fifth Avenue store credit cards have been subject to a security breach. Hudson’s Bay Co., commonly known as HBC is the owner of these stores. Five million of Sak’s Fifth Avenue and Lord & Taylor store credit cards have been compromised, according to the financial cybersecurity firm Gemini Advisory. These past few months alone have seen several news headings, including the Facebook data scandal, which is building concern around the safety of our personal information.

This Canadian company has stores all across North America. Three Sak’s Fifth Avenue stores in Canada are said to have 125,000 customers’ personal information under threat: Sherway Gardens in Toronto, Bramalea City Centre in Brampton. and Pickering Town Centre in Pickering.  The company was in the process of changing from card-swipe technology to EMV chip technology in their customer credit cards. This update means that stores who adopted the EMV technology are reported to be unlikely to suffer from this breach.

If you have a Sak’s Fifth Avenue store credit card, I would suggest scanning through your bank statements for any sign of unusual activity. HBC will offer free identity protection services to anyone affected by the breach.

Hackers began stealing Sak’s customer information back in May 2017. Since then they have been selling the data through the dark web. Many people are seized by the fear of potential personal identity theft. However, the majority of people mistakenly forget about the stolen data as it becomes old news. They see that because they haven’t experienced significant unusual charges in their monthly statements that they are free from risk. I will explain later on methods to uncover scams in your statements.

If you own one of these store credit cards, you may be alarmed that your credit card is not safe. So in this article we will be giving you guidance on how to ensure your personal data security. HBC has stated that customers will not be held liable for any fraudulent charges incurred during this breach of security.

What you should do to ensure your personal data stays safe

Whether you have been a victim in this security attack or in a similar situation, it is advised to stay up to date with the company who has experienced the breach. HBC has not released much information yet, but in time they will most likely be guiding those affected to helplines. Avail of any resources that are available to you to ensure that the theft of your personal information does not result in a financial loss for you.

On April the 4th you will be able to ring HBC’s at 1-855-270-9187 for further information if you’re not sure whether your data has been affected by this last attack.


Set up an initial fraud alert: Contact Equifax or TransUnion to place an initial fraud alert on your credit report. Either agency you contact is under obligation to communicate with the other agency. The alert lasts for 90 days. Another proactive step is to sign up for free alerts so you can catch any suspicious activity on your credit card.

Credit security freeze: In your contact with one of the above credit report agencies you may want to ask them to freeze your credit score. What this does is notifies the company to be extra vigilant of any unusual activity occurring on your credit report statements. This method is the surest way to protect any further information being collected from these hackers. It’s reassuring to know that your credit score won’t be affected by any hacking activities. Any prescreened credit offers will remain intact, but you won’t be able to apply for any new credit products.

You must remember to ask one of the collection agencies to unfreeze your account once you are ensured that your data is once again safe. This process takes between 1-2 weeks to occur after which you will be able to apply for credit again.

Look for small charges: Hackers responsible for an operation that has compromised around 5 million credit card holders have developed a high level of sophistication and stealth. Although many people search through their credit card statements for large sums being drained from their account, the reality is often very different. As seen in the graph below, most frauds work by withdrawing less than $5 from accounts. Many will glance over these as trips to the coffeehouse, but when they frequently appear over an extended period, you may be suffering more than you are aware at the hands of these hacking experts.

Change Password: Sak’s Fifth Avenue also have an online login service, where cardholders can view their statements, pay bills and look over card activity. It’s time to change your password as soon as possible. If you used this same password for any other site, these would need to be changed also.

Beware of Phishing: In light of the breach, there will be a lot of advice and contact information. Scammers will feed on people’s need to know their situation amidst the scandal. You may be sent an email from someone posing as HBC or Sak’s Fifth Avenue offering you “helpful advice” or “compensation” if you log in on the link provided in the email. Remember you will not be asked to enter any private information by email by any credit card company or bank. If you receive an email of this nature, it is fraudulent. Do not click on any links in this email.

As for phone calls, unless you initiated the call do not give out any personal details including your date of birth, your social security number or your mother’s maiden name. There is a danger here of identity theft. If you think it may genuinely be your bank, ask for their number and relate to them that you’ll call back. Scammers tend not to release a phone number as it may get tracked.

With hacking becoming a more common occurrence, particularly in the last few years, I would advise looking through your statements once a month. Remember, even the small scam withdrawals add up over time.


Compare Credit Cards

Ryan Sharma, CIM

Ryan Sharma, CIM

Co-Founder & CEO/CIO

Ryan has over 15 years of experience in Information Technology, within the global financial services industry. His career has primarily focused on leading strategic initiatives within various retail and corporate business areas to innovate and future proof financial institutions for the long term.

This information is just our view and should be not be considered advice of any sorts.
From our experience and other professionals we partner and engage with, we work to find useful tips and information that would be important to share.
If you are someone that is looking for professional advice tailored to your circumstance, please contact a bank, financial advisor, or mortgage broker.