Data Security Is Still Top of Mind

The ramp-up of technology innovation in the convenience store industry has been a welcome effort among retailers and their customers alike. Connecting the store physically and digitally for c-store shoppers has many benefits and few disadvantages.

Cost, employee training and building customer awareness are among the drawbacks —and the one that keeps retailers from getting a good night's sleep is data security.

As the channel rolls out more advanced loyalty programs and collects more data on customers, c-store technology executives increasingly cite security as the one element of store operations that raises heightened concern.

At the 2023 Convenience Store News Technology Leadership Roundtable & Dinner, held earlier this month in Atlanta, thoughts on data security ranged from "it's a mess" to "it keeps me awake at night."

In our 2023 Technology Study, 38 percent of respondents cited improving data security as a top business priority. Honestly, that number seems a bit low to me. 

Maybe it's because the lion's share of c-store retailers are already EMV compliant inside the store and most are making inroads to be compliant at the forecourt. Maybe it's because news of major breaches in the channel have been quiet for the past few years.

In December 2019, Wawa Inc. reported a data breach that affected approximately 34 million payment cards at convenience stores and gas stations across its network over several months dating back to March 2019. Two months later, in early 2020, fellow Pennsylvania-based retailer Rutter's reported a malware attack that spanned several months between 2018 to 2019.  Both convenience retailers have reached settlements related to these security breaches.

Now comes word that Kwik Trip Inc. has been facing its own system failures for the past week, although it is making progress in fixing the problem. Facing disruption in its digital operations, the Wisconsin-based company is working with third-party information security experts and, so far, there is no evidence that anyone's personal or confidential information has been acquired by an unauthorized party.

Even if the investigation concludes the digital outage did not affect Kwik Trip's customer information, the latest problem just proves that retailers cannot sleep on data security as we move toward a more cashless society. Monetary repercussions aside, convenience stores have worked too hard to gain their customers' trust to lose it now.