£385,000 Data Protection Fine For Uber

Ride-hailing (and now bike and scooter-hiring) service Uber has been handed a £385,000 fine by the ICO for data protection failings during a cyber-attack back in 2016.

What Happened?

The original incident took place in October and November 2016 when hackers accessed a private GitHub coding site that was being used by Uber software engineers. Using the login details obtained via the GitHub, the attackers were able to go to the Amazon Web Services account that handled the company’s computing tasks and access an archive of rider and driver information. The result was the compromising (and theft) of data relating to 600,000 US drivers and 57 million user accounts.

The ICO’s investigation focuses on avoidable data security flaws, during the same hack, that led to the theft (using ‘credential stuffing’) of personal data, including full names, email addresses and phone numbers, of 2.7 million UK customers from the cloud-based storage system operated by Uber’s US parent company.

The ICO’s fine to Uber also relates to the record of nearly 82,000 UK-based drivers, including details of journeys made and how much they were paid.

Attackers Paid To Keep Breach Quiet

Another key failing of Uber was that not only did the company not inform affected drivers about the incident for more than a year, but Uber chose to pay the attackers $100,000 through its bug bounty programme (a deal offered by websites and software developers to offer recognition and payment to those who report software bugs), to delete the stolen data and keep quiet about the breach.

Before GDPR

Even though GDPR, which came into force on 25th May this year says that the ICO has the power to impose a fine on a data controller of up to £17m or 4% of global turnover, the Uber breach took place before GDPR.  This means that the ICO issued the £385,000 fine under the Data Protection Act 1998, which was in force before GDPR.

Other Payments and Fines

Uber also had to pay a $148m settlement agreement in a case in the US brought by 50 US states and the District of Columbia over the company’s attempt to cover up the data breach in 2016.

Also, for the same incident, Uber is facing a £533,000 fine from the data protection authority for the Netherlands, the Autoriteit Persoonsgegevens.

What Does This Mean For Your Business?

As noted by the ICO director of investigations, Steve Eckersley, as well as the data security failure, Uber’s behaviour in this case showed a total disregard for the customers and drivers whose personal information was stolen, as no steps were taken to inform anyone affected by the breach, or to offer help and support.

Sadly, Uber joins a line of well-known businesses that have made the news for all the wrong reasons where data handling is concerned e.g. Yahoo’s data breach of 500 million users’ accounts in 2014 followed by the discovery that it was the subject of the biggest data breach in history to that point back in 2013. Similar to the Uber episode is the Equifax hack where 143 million customer details were stolen (44 million possibly from UK customers), while the company waited 40 days before informing the public and three senior executives sold their shares worth almost £1.4m before the breach was publicly announced.

This story should remind businesses how important it is to invest in keeping security systems up to date and to maintain cyber resilience on all levels. This could involve keeping up to date with patching (9 out of 10 hacked businesses were compromised via un-patched vulnerabilities) and should extend to training employees in cyber-security practices, and adopting multi-layered defences that go beyond the traditional anti-virus and firewall perimeter.

Companies need to conduct security audits to make sure that no old, isolated data is stored on any old systems or platforms, thereby offering no easy access to cyber-criminals. Companies may now need to use tools that allow security devices to collect and share data and co-ordinate a unified response across the entire distributed network.

Even though the recent CIM study showed that less than one-quarter of consumers trust businesses with their data security, at least the ICO is currently sending some powerful messages to (mainly large) businesses about the consequences of not fulfilling their data protection responsibilities.  For example, as well as the big fine for Uber, back in October, the ICO fined a Manchester-based company £150,000 for making approximately 64,000 nuisance direct marketing calls to people who had opted out via the TPS, and earlier this month, a former employee of a vehicle accident repair centre who stole customer data passed it to a company that made nuisance phone calls was jailed for 6 months following an ICO investigation.

New Hashtags Feature For Google Maps

Google has begun the global rollout of its new ‘hashtags’ feature in Google Maps, which allows users to add hashtags to the end of the reviews they write, thereby helping others to find local attractions and businesses.

How It Works

When using Google Maps e.g. to find places to eat or local attractions, if a Google Maps user then chooses to write a review afterwards, they are given the opportunity to add up to five hashtags to the end of the review (to keep the text easy to read).  The hashtags need to be specific to be useful e.g. #love or #food, but things like #familyfriendly, #wheelchairaccessible, #sunsetviews, or #vegetarian.

The idea is that these hashtags will make it easier for other users to discover places that have been recommended by others for specific reasons, thereby increasing the value of Google Maps to users.

More Competitive

From Google’s point of view, this (and other new features) could help Google Maps to compete against other platforms in the world of social recommendations as well as other popular local search offerings such as Yelp.

Just Local Guides For Now

So far in the rollout of Hashtags, it’s only available on Android for members of Maps’ Local Guides program.  This is the program where members receive rewards for sharing their opinions and photos for the places they visit and review.

Added to ‘Follow’ & ‘My Business’ Updates

The new hashtag feature comes right after the new ‘Follow’ feature that was introduced to Maps last month.  ‘Follow’ allows users to click a follow button for locations which enables them to receive updates about any events and offers e.g. from favourite stores and restaurants, and information about new places that are due to open soon.

The update to ‘My Business’ in Google was to enable businesses to update their Maps profile with new content, use the app to view and respond to reviews and messages, and to enable businesses to add all the content that will work with ‘Follow’.

What Does This Mean For Your Business?

Local search and platforms offering users value-adding information and recommendations about the places they plan to visit are now competitive areas, and Google wants to stay ahead of the game.  Adding social elements such as hashtags, ‘Follow’, and direct messaging all contribute to the vital engagement factor for Google and can be monetised.

Other updates to Google Maps that could add even more value to Google’s platform from a consumer’s point of view are a useful commuter tab that shows a user information about their commute e.g. real-time public transit information and status alerts about anything that could cause delays, and allowing users to control their music from inside Google Maps. Google is clearly well placed and is fighting hard to make its platform more attractive than competing offerings.  It will be a matter of opinion, however, how user-friendly all these bundled features turn out to be.

Mobile Networks Faster Than Wi-Fi

A report by OpenSignal has highlighted how the fact that smartphone users in 33 countries get faster average download speeds using a mobile network than Wi-Fi means that mobile operators and smartphone makers need to ensure that consumers’ smartphones aren’t simply pushed onto a Wi-Fi network, only to receive a worse experience than the mobile network.

Assumption Wrong

The report, by Ian Fogg of OpenSignal, highlights the fact that the long-held industry assumption that Wi-Fi is better than mobile networks in almost every way appears to be wrong in today’s environment.

For example, the report showed that in 33 countries, or 41% of the 80 countries analysed by OpenSignal, mobile delivers a faster download experience than Wi-Fi.

Also, the report shows that it appears to be hard to categorise the range of countries where mobile offers a faster download experience for smartphone users.  For example, according to the report, these range from richer markets and industrialised economies e.g. Australia, the Czech Republic, and France to countries across every continent, and a range of demographics (income, and state of development) e.g. UAE, Turkey, Kenya, Myanmar and Mexico.  The report did find, however, that there is a correlation between higher per capita GDP and more time spent on Wi-Fi, mainly because of the presence of a suitable Wi-Fi network rather than by a consumer’s decisions to connect to Wi-Fi.

Big Changes in 10 Years

The OpenSignal report acknowledges that while the assumption that Wi-Fi is better, faster, and cheaper than a mobile network may have been true 10 years ago, some big changes in the connectivity environment mean that is no longer the case.

For example, 4G networks have launched and boosted the quality of smartphone users’ experience, almost everyone now owns a smartphone, and mobile video and consumption has exploded as smartphones have become a mainstream way to watch TV (Netflix is even trialling mobile-only tariff plans).

Some A ‘Dead Heat’ With Wi-Fi

It was also noted in the report that in four countries – Hungary, Bangladesh, Belgium and Norway – there is no real difference between the Wi-Fi and mobile download speeds experienced by smartphone users.

What’s The Problem?

The problem, therefore, is that the failure to take into account the current connectivity environment, and operators working on what may now be a mistaken assumption is that smartphone users have actually been given a worse experience as they are dumped onto Wi-Fi wherever possible.

Not All The Same

The report did find, however, that not all operators always switch users to Wi-Fi.  For example, Huawei switches connections from a slow Wi-Fi link to a faster cellular connection.

Why Are Cellular Phone Networks Faster?

Reasons why cellular networks are faster with 4G in some countries (e.g. in Brazil, Finland) is that it’s easier to lay the (fibre) cables there, smartphone design priorities don’t always focus on Wi-Fi in those countries, and many smartphones there don’t work on 5 GHz Wi-Fi.

What Does This Mean For Your Business?

The report indicates that there needs to be a re-think about when and how to use Wi-Fi to complement the mobile experience, and it may be necessary for operators to challenge the old assumption that Wi-Fi is best.  To provide the best experience to their users in today’s environment, the report notes that operators need to become smarter with Wi-Fi offload strategies.

Also, Operators will need to deliver good in-building mobile network coverage from now on, because consumers will increasingly override their smartphone’s automatic Wi-Fi choice in favour of selecting cellular in order to get the fastest download speed.

It is also likely that smartphone makers are will be changing the designs of smartphones to allow the use of both Wi-Fi and mobile network technologies simultaneously to deliver the fastest data experience.

For those users of mobile services, the realisation by mobile manufacturers and operators that they must change their products and services to rely less on Wi-Fi is likely to bring a better experience going forward.

Bitcoin and Other Crypto-Currencies Hit New Lows

After losing 74% of its value so far this year, Bitcoin’s value, and that of other crypto-currencies have continued to fall this month as a sell-off takes place in what some see as the natural course for the market, and as another opportunity to buy crypto-currencies at a low price.

What’s Been Happening?

According to currency commentators, the massive 12% fall in the Bitcoin crypto-currency on Monday, follows a nose-dive that’s been part of downward trajectory for the crypto-currency which recently hit a 14-month low. Many in-the-know believe that the possible reasons for the longer-term fall and the sharp 12% drop in value are likely to be caused by:

  • The extra regulation in the US.
  • A long wait for the January 2019 launch of bitcoin futures by Bakkt, Intercontinental Exchange’s crypto platform. With Bitcoin Futures, investors and sellers make a contract to buy and sell at the agreed-upon price, irrespective of the actual market price at the time the contract is made. This may reduce risk and balance out price fluctuations on investments in portfolios.
  • Investors steering clear of bitcoin because of the price swings, concerns over a lack of regulation, and concerns over the uncharted waters of a new and undeveloped market infrastructure.
  • Investigations by the Securities and Exchange Commission of initial coin offerings and crypto exchanges.
  • Fear caused by hacks and thefts at crypto exchanges.
  • The overconsumption of bitcoin in the first place, which has now led to a market cycle back in the opposite direction as things naturally even out.

Trouble For Other Crypto-Currencies

Bitcoin is certainly not the only crypto-currency that’s been under pressure in recent times. Ethereum’s ‘eher’ has just fallen 7% in value to $106.69, and the value of Ripple’s XRP has fallen 5.6% to only 34 U.S. cents.

Also, in the light of the U.S. SEC ordering civil penalties against Airfox and Paragon Coin over their alleged selling of digital tokens as securities in initial coin offerings, both companies have found themselves having to agree to the return of funds to harmed investors, as well as registering tokens as securities, filing periodic reports with the Commission, and paying penalties.

It has also been reported that crypto-currency Tether is being investigated by the U.S. Department of Justice over possible manipulation of bitcoin prices at the end of 2017.

God Time To Buy While Prices Are Low?

Some investors, however, see the steep fall in values of crypto-currencies as an opportunity to get into viable crypto-currency projects at discounted prices.

What Does This Mean For Your Business?

The rapid rise of bitcoin value and the many problems that it experienced with regulations and restrictions in some countries (e.g. China), hacks, its volatility, a negative image from its use by international criminals and from its use in scams, a lack of knowledge about how to use it, and the fact that the high price of just one bitcoin made it (even more) niche, meant that it became a commodity and a fast-buck opportunity rather than an actual, useful currency.

Now that the huge wave of bitcoin over-consumption and over-inflated value of bitcoin has burst, many market analysts can still see a future for crypto-currencies as a part of a wider ecosystem, and that the fall in the value of bitcoin is simply a natural cycle of things finding their real level again after the boom.

Many would say that the best thing to come out of bitcoin, so far, is the underlying ‘blockchain’ technology.  Blockchain has found multiple useful commercial applications and, as tech companies are now in a race to provide the best ‘blockchain-as-a-service’ offering, businesses will be able to find opportunities to put the technology to good use in innovative ways, creating value and competitive advantages that could start shaking up many markets.

Free VPN Tools May Be Linked To China

A new investigation by Metric Labs of the top free VPN (Virtual Private Network) apps in Apple’s App Store and Google Play has revealed that more than half are run by companies with Chinese ownership.

What’s A VPN?

A ‘Virtual Private Network’ (VPN) is generally used to keep internet activity private, evade censorship / maintain net neutrality and use public Wi-Fi securely e.g. avoid threats such as man-in-the-middle attacks.  A VPN achieves this by diverting a user’s traffic via a remote server in order to replace their IP address while offering the user a secure, encrypted connection (like a secure tunnel) between the user’s device and the VPN service.

Popular Free Apps

VPNs (Forbes, 2017) are the most searched-for apps in the world, partly because people have become much more concerned with privacy and they have become more afraid of government surveillance of their digital activities.  For example, the UK government’s Investigatory Powers Bill), which was passed into 29th November 2016 as the Investigatory Powers Act (“Snooper’s charter”) means that a large list of UK agencies, including various police forces and government departments, can ask for any UK citizen’s stored browsing history (details of every website and instant messaging apps that you have visited or used in the past 12 months).

China Links To Free VPNs – Security & Privacy Concerns

Bearing in mind that the main reason for getting a VPN is to preserve your privacy and security, the problem with the results of the Metric Labs survey is that they show that over half of the top free VPN apps that people can find e.g. in the App Store and Play Store for UK and US, have Chinese ownership or are based in China.

The problem with being linked to (or based in) China, according to the report about the Metric Labs (top10vpn) survey, is that China tightly controls access to the Internet from within the country, has clamped down on VPN services, and many of the free VPN services with links to China offer little or no privacy protection and no user support.

How Bad Are They?

The investigation revealed that 17 of the 30 top free VPN apps available from simple online searches have links to China and 86% of those apps have security issues.  It was also discovered that 64% of apps have no dedicated website, and 86% of apps have unacceptable privacy policies with many being presented in an amateur fashion e.g. posted on a Free WordPress sites with ads.  Some of the privacy policies either give no information about the sharing of information with third parties, have no privacy policy at all, use a stock privacy policy not related to VPNs, or simply state that information will be shared with China.

What Does This Mean For Your Business?

When you bear in mind that the reason for downloading a VPN app is to preserve privacy, the results of this investigation indicate that simply trusting one of the free VPN apps available online, and without pausing to look at its privacy information or look too much into it could be a mistake.  If your privacy is valuable to you (and you’ve not already been provided with a trusted VPN), it may be worth seeking out a trusted paid-for service. There are many lists available online from Tech magazines that offer useful comparisons and information to help you choose a VPN that will give you the right levels of performance and security.

Business Concerns Over ‘Secondary Data’

A study by data protection and management company ‘Cohesity’ has shown that most companies store up to 10 copies of their ‘secondary data’ in different locations and must use multiple products to manage it.

The Problem With Secondary Data

Secondary data (not production data) e.g. all the data that a company collects from other sources such as reports, stats, information from trade / industry publications etc tends to be stored by businesses over time in the hope that it has / will have value to the business, could help the business to avoid problems, and could reveal more business opportunities with analysis. One main problem with the storing of secondary data, which has long been known about, is that it is often fragmented and / or trapped e.g. it is stored across many clouds, remote offices / edge locations, and / or is trapped inside a siloed infrastructure. This can result in problems such as the cost, complication and confusion of duplicated copies stored in different places and using resources to maintain and store data that may not be serving the current needs of the digital business, or adding value because of how it is stored.

The Research

Not surprisingly, the research by Cohesity, a company that offers platforms where all secondary data can be stored, appears to back up the fact that companies have a problem with secondary data fragmentation.  For example, the results of the survey, which drew upon responses from 250 UK IT decision-makers as part of a wider study involving 650 IT decision-makers in the US, France, Germany, Australia and Japan, found that most UK organisations store up to 10 copies of the same secondary data, use four or five different products to manage it, and keep it in up to four locations. These locations may include two or three different public cloud storage providers.

The research showed that the average number of copies of the same datasets of secondary data held by UK respondents is five, and that around 30% of IT teams’ time is spent managing secondary data.

Why?

The research findings indicated that 92.5% of UK respondents store multiple copies of production data in separate locations because their disaster recovery (DR) policies say they must, but when it comes to the reasons for storing so much secondary data, the findings are less clear.

The research findings do, however, show that there has been a big increase in secondary storage data volumes e.g. in 2016 to 2017 the UK average is was 38.5% rise.  This trend is also predicted to continue.

Redundant Copies In The Cloud

The research findings show that 41% of UK organisations replicate redundant copies of data held in one public cloud to another public cloud.

What Does This Mean For Your Business?

Many UK businesses appear to be storing increasing amounts of secondary data in a fragmented way with no clear plan on the horizon about what to do with it all.  Instead of being able to organise the data and use it to generate value and competitive advantages, many businesses are wasting money and resources in keeping often duplicated data stored in limbo across disparate locations.

Businesses may be able to save themselves money and turn the secondary data burden into a value-generating asset by switching to a secure, paid-for consolidated platform solution.  This could help solve the current fragmentation problems, free-up resources, could help businesses to start using the data productively, and help businesses to find an effective way of managing what looks likely to be an increasing amount of secondary data going forward.

MFA Lockout For Microsoft & Azure Users Causes Business Disruption

The latest multi-factor authentication (MFA) issue left users of Azure and Microsoft Office 365 unable to login to their accounts on Monday 21st, causing widespread disruption to businesses in Europe, Asia, and some parts of the US.

What Happened?

According to reports by Azure, the root cause was a European-based database, reaching operation threshold with requests from MFA servers.  This led to latency and timeouts, and an attempt to re-route traffic through North America caused the extra traffic to block servers.

Finally Rectified

After lasting from 4.39 am to the evening in the UK, the problem was finally rectified.  According to Microsoft reports, services could be resumed after engineers removed the link between the backend service and the Azure Identity MFA service, thereby allowing the impacted servers to catch up with the existing authentication requests.

Happened Before

This was certainly not the first time that disruptive outages had occurred with Azure and Microsoft’s service.  For example, a global outage in September this year affected Azure and Office 365 users worldwide after one of Microsoft’s San Antonio-based servers was knocked offline by severe weather.  Also, in October, UK Office 365 users endured a 3-day-long outage and had the frustration of having more login prompts appearing after their user credentials had already been entered.
Price Rise Makes Outages More Annoying
In addition to the obvious costly business disruption, the spree of outages occurring around the time of announcements of new commercial prices i.e. an increase of 10% over previous on-premise pricing (4% increase for employees who are part of a volume discount agreement), the service failures caused even greater annoyance.

MFA

Multi-factor authentication, which works by requiring any two or more verification methods for a login / transaction, such as a randomly generated passcode, a phone call, a smart card (virtual or physical), or a biometric device, is designed to be beneficial to a user and their business because it should provide an extra layer of security for user sign-ins and transactions.  Unfortunately, in the case of this most recent outage, MFA cost users rather than helping them.

What Does This Mean For Your Business?

For some companies, the recent outages at Microsoft and Azure are likely to bring into focus the dangers of placing huge operational dependency on one environment i.e. Microsoft, and of trusting a single cloud supplier to keep connected and productive during unplanned (and planned) email outages, especially when you have no independent cyber resilience and continuity plan.  In recent months, many businesses will have been counting the productivity costs of sticking to a software-as-a-service monoculture with a company whose service has let them down on several occasions.  Unfortunately, the dominance of big tech companies with their familiar Operating Systems and environments, and the fact that most businesses are committed to them with few possible, practical alternatives to choose from, mean that most businesses may simply have to unhappily endure the outages and weigh them up against the benefits and reliability of the environment generally.

For Microsoft, these outages can be damaging to its reputation and can shake the trust of its prized business users.

Make Skype Calls Through Your Amazon Echo

On Monday, the Microsoft Skype blog announced that Skype calling is now available on Amazon Alexa devices using a simple voice command and that Alexa customers can now call most landlines and mobiles internationally using Skype, as well as benefitting from 200 free minutes of Skype to call 34 countries.

Can Already Make Calls

Many Amazon Echo / Echo Plus and Echo Dot users may already be used to making calls via their Echo. Last year, Alexa-to-Alexa calls from compatible devices were enabled e.g. calling another Echo from your Echo by saying “Call (John’s) Echo”.  Also, Echo Connect combined with a user’s landline or VoIP service has enabled compatible Echo devices to call any number supported by a user’s home phone service provider e.g. contacts by name, specific mobile numbers, and by saying the individual digits of a full phone number.

How To Set Up Skype Calls On Your Alexa Device

Amazon Echo users can set up Skype calling by :

– Opening the Amazon Alexa app (the same one used to set up the Echo in the first place)

– Going to ‘Settings > Communication > Skype’

– Signing-in using the same account used for Skype

How To Make A Call Via Skype

According to the Microsoft Skype blog, once Skype has been set up on the Amazon Echo, (using an example) making a completely hands-free call should be simply a case of saying, “Alexa, call Mum on Skype.”

The new Skype call service via the Echo is being rolled out in the U.S, U.K., Ireland, Canada, India, Australia, and New Zealand.  The addition of the new feature is also being supported by a price drop in the Echo.

Video Calls With Echo Show / Spot Display-Based

The hook up with Skype also means that although speaker-only Echo devices can only make audio Skype calls, an Echo Show or Echo Spot display-based device should be able to make video calls using Skype.

It should also now be possible to make Skype calls via the Echo to other Skype-enabled devices e.g.  PCs, smartphones, or even an Xbox One console. SkypeOut also means that calls can be made to mobile and landline numbers.

What Does This Mean For Your Business?

Amazon is already the market leader (41% market share) of global smart speaker shipments, ahead of Google at 28% (Strategy Analytics data).  There is fierce competition in the huge and growing smart speaker market e.g. one-quarter to one-third of the U.S. population already owns a smart speaker, and the global number of installed smart speakers may more than double to 225 million units in two years (Canalys).  Amazon is trying to make its smart speakers as ubiquitous as possible e.g. at home, at work and in the car, and adding feature like this may make it even more attractive to customers, particularly at the season where sales are likely to be high, and where sales are already being supported by a price drop for Echo devices.  More sales of Amazon Echo devices could also mean that voice shopping on Alexa could potentially generate more $5 billion+ per year in revenue by 2020.

For users of Amazon’s Alexa smart speaker devices, the promise of easy, hands-free Skype calls could be another value-adding feature to tempt them to buy an Amazon smart speaker instead of others such as Sonos, or Google Home.

Firefox Quantum Browser’s ‘Monitor 2.0’ Will Warn You About Security Breaches

Mozilla’s latest update for its Firefox Quantum browser includes the Firefox Monitor 2.0 security tool, which can tell you whether a site you’re visiting has suffered a security breach in the last 12 months and whether your details have been leaked online.

Developed in Partnership with HIBP

Back in June, the Mozilla blog detailed how it was testing the Firefox Monitor tool which was being developed in partnership with HaveIBeenPwned.com (HIBP), a service run by Troy Hunt, described by Mozilla as “one of the most renowned and respected security experts and bloggers in the world”.  At the time of testing, it was announced that Monitor, through its HIBP / Firefox partnership, would be able to check a user’s email address against the HIBP database in a private-by-design way.  Mozilla said that visitors to the Firefox Monitor website would be able to check (by entering an email address) to see if their accounts were included in any known data breaches, with details on sites and other sources of breaches and the types of personal data exposed in each breach. It was also announced that the Firefox site would offer recommendations on what to do in the case of a data breach, and how to help the user to secure their accounts.

Rolled Out

The Monitor 2.0 security tool that’s just been rolled out in the latest Firefox Quantum update can tell you if your details have been leaked online (if you visit monitor.firefox.com), provide a desktop notification /alert when you visit a website that’s been compromised in the last 12 months, and give extra security details such as how many accounts were affected by a breach and what happened in the breach.

You Can Turn Notifications Off

Mozilla has been quick to point out that the Monitor tool has been designed to help but not annoy users and as such, if you’ve already been told about the potential security issues, you can navigate back without being told again and you can disable the notifications altogether with a just few clicks, if you’d prefer not to see them.

What Does This Mean For Your Business?

Google Chrome dominates the browser market, but there is still a lot of competition among those fighting it out with a less than 10% share of the market – Apple’s Safari, Firefox, Microsoft’s Internet Explorer & Edge.  Adding this tool, that’s linked to a renowned security expert, to the Firefox browser could add some real value at a time when the news is full of major security breaches, but most of us may not know how to check whether our details have been stolen, and what to do next.

Businesses always need to be very security-conscious, particularly since the introduction of GDPR, and being able to see notifications about pages that have been breached may be another way that business users can help to protect themselves.

The tips and personal stories of those who have been affected by a data breach highlighted on the Firefox website for Quantum business users may also help raise awareness about online privacy and could help provide prompts and ideas to help keep improving data protection and cyber resilience in businesses.

Which? Survey Reveals Best & Worst Online Retailers

The results of a new survey by consumer watchdog ‘Which?’ has revealed the UK’s best and worst online retailers, according to the experiences of 10,000 Which? members over 6 months.

Homebase, Red Face…In a Bad Place

Unfortunately for Homebase, which is currently undergoing a restructuring that will involve 42 store closures, their online store was ranked lowest with a score of 55%.  The low score was mainly due to users saying that navigation was difficult and that the online shop didn’t always provide up-to-date information.

Near The Bottom

Other companies just ahead of Homebase, but still near the bottom of the online retail pile according to the survey were Sports Direct and Dorothy Perkins with 61%, DIY retail giant B&Q with 62%, WHSmith.co.uk with 63%, and JDSports.co.uk also with 63%.

Liz Earle Top

At the other end of the scale, Liz Earle’s online store was voted top with an impressive 94% satisfaction rating, closely followed by RicherSounds.com, Rohan.co.uk, SeasaltCornwall.co.uk, and WexPhotoVideo.com, all with 93%.

Best Big Retailers

The best of the big retailers to make it into the top 10 online favourites were JohnLewis.com in sixth place with a 90% satisfaction score and Dyson.co.uk just behind in seventh place with 89%.

The full tables of best and worst retailers can only be viewed online at the Which? website by Which? members, although many media outlets have published the key elements of the results.

Factors

The factors that the numerous online shops were rated on were based on the experience of Which? members as regards things like ease of navigation and other experiences of the online shop itself such as price, product range, deliveries, quality and the returns process.

What Does This Mean For Your Business?

ONS figures show that online sales accounted for 17.4% of all retailing in the first quarter of this year, and as such it is a vital component in modern retail success stories. Online shopping offers consumers convenience, speed, a wider choice of products than the physical store, and often better prices, particularly when you factor in the money saved by not paying for travel to the store. There is also a general perception that goods are cheaper online, even if that’s not always the case.  With Black Friday and Christmas shopping online ahead, these results are significant for both the retailers and the consumers. For retailers that had low scores, the results (not the publicity surrounding the results) may even be a good thing in helping them to make changes to their online stores that could increase sales.

The results and customer satisfaction tables from this survey serve to illustrate that being able to offer personal service, quality items, being able to give customers exactly what they want, and offering a good delivery service are very important, and these are areas where smaller, specialised retailers can often win.