Credit: Jonathan71, CC-BY-SA-3.0, via Wikimedia Commons
Bloomingdale's suffered a major glitch last week, with some customers receiving gift cards that were issued in amounts 200 times what they should have been. At least one customer received a $25,000 gift card. The situation illustrates two huge retail IT security issues. First, Bloomingdale's apparently has no human approval for gift cards, since it's hard to envision someone approving such amounts without question. But the second issue is that chains have almost no meaningful system for dealing with such glitches.
The problem began when a system confused the number of "Loyallist Points" issued and the dollar values. As Buzzfeed noted, in the Bloomingdale's system, 5,000 points is enough to get a $25 gift card. Some customers with 5,000 points were instead given $5,000 gift cards. Although this is a really bad mistake, all it takes is a small coding error to point to the "points" field instead of the "value" field. It's the exact kind of problem that a human supervisor would instantly spot — given the chance.
But the more frustrating problem is that, once discovered, there is little a retailer can do beyond cancelling the cards as quickly as possible and hoping that the losses are minimal. You can't, however, blame Bloomingdale's for trying.
The Buzzfeed story told of one knowing Bloomingdale's shopper who received a $25,000 gift card and decided to go on a spending spree. This customer headed to a brick-and-mortar Bloomingdale's, probably figuring that any online orders would be canceled before they were shipped. (Somehow, he only spent $17,000. Really? You leave $8,000 on the table? You never heard of eBay?)
At that point, Bloomingdale's customer service reached out, telling him that he "needs to" return the merchandise. He declined the kind request. A mathematically challenged rep then offered him a $100 gift card if he would give back the $17,000 worth of goodies. That offer assumes that Bloomingdale's customers are fundamentally honest and selfless. Does Bloomingdale's realize that these are the same people that they see on Black Friday, trampling strangers with bloodlust in their eyes?
The only leverage Bloomingdale's could actually exercise was to say that if the customer didn't return everything, Buzzfeed said, "he will be banned from the loyalty program — a seemingly acceptable sacrifice for the $17,000 worth of free stuff he picked up."
This is a legally delicate area. Does Bloomingdale's really want to sue its customers? Not only is that a bad PR move, but it would open Bloomingdale's up to discovery and depositions digging into the nature of the glitch and how it happened.
A wiser approach would be to run with the publicity around this glitch and treat it as a sort of IT glitch lottery. The retailer would then seem generous simply by admitting to itself that people were probably going to keep everything they got anyway, and at the same time it would be encouraging people to shop at the chain and buy gift cards, in the hope that they may luck out some day.
Sign up for CIO Asia eNewsletters.