Surprise Edition: Amex, Hackers And Starbucks E-Commerce Sign-Off

Last week’s news cycle was all about surprises. Hurricane Harvey blew into the coast of Mexico as a “blob of weather systems” and instead snuck up on the Texas shoreline and made landfall as a Category 4 hurricane. Controversial Arizona Sheriff Joe Arpaio got a surprise presidential pardon, one that President Trump let slip during an Arizona rally earlier in the week. And Amazon and Whole Foods surprised everyone by getting that merger sewn up a bit faster than expected — and then really shocked the world by announcing their first move: dropping the price of some goods at the famously high-priced grocery chain.

How good a surprise that was likely depends on whether one plans to shop from Amazon/Whole Foods or intends to try to compete with them.

The Data Dive this week doesn’t have quite so many stone-cold stunners, but there is plenty that should at least warrant a second look. The team at American Express is unexpectedly in the Consumer Financial Protection Bureau’s (CFPB) sights and is paying a hefty fine; cybercriminals have found a fun new way to use something as innocuous as your phone number to take all your accounts away from you and Starbucks is saying a surprise sayonara to their own eCommerce portal.
American Express’ $96M Discrimination Problem

Two American Express banking subsidiaries have found themselves on the wrong side of the CFPB’s fining pen for discriminating against consumers in Puerto Rico, the U.S. Virgin Islands and other U.S. territories. The banks were reportedly offering terms to those consumers that were inferior to those available in the U.S.

The CFPB also accuses American Express of discriminating against certain consumers with Spanish language preferences.

According to a release from the consumer watchdog, American Express has paid approximately $95 million in consumer redress during the course of the Bureau’s review and American Express’ own internal review.

The order Wednesday requires the financial services corporation to pay at least another $1 million to fully compensate consumers.

“Consumer financial protections are not confined within the 50 states,” said CFPB Director Richard Cordray in a press release announcing the action. “American Express discriminated against consumers in Puerto Rico and the U.S. territories by providing them with less favorable financial products and services. They have ceased this practice and are making consumers whole. In particular, because they self-reported the problem and fully cooperated with our investigation, no civil penalties are being assessed in this matter.”

The CFPB further noted that in 2013, American Express self-reported to the bureau differences between its Puerto Rico and U.S. Virgin Islands cards and its cards offered in the 50 U.S. states, as well as differences with respect to certain consumers with a Spanish language preference.

Through the course of a supervisory review, the CFPB said it concluded that, from at least 2005 to 2015, American Express’ Puerto Rico cards had different — and often worse — pricing, rebates and promotional offers, underwriting, customer and account management services and collections practices than its U.S. cards.

The Bureau’s review did not find that American Express intentionally discriminated against its customers but rather found that these differences were the result of American Express’ card management structure, which had different business units overseeing its Puerto Rico cards and U.S. cards.

According to Richard Cordray and the CFPB, over the course of at least 10 years, more than 200,000 consumers were harmed by American Express’ discriminatory practices, which included charging higher interest rates, imposing stricter credit cutoffs and providing less debt forgiveness.

Hackers Crack Consumer Phone Numbers

In case you happened to be concerned that hackers had not given you enough to be worried about this week, they’ve officially found a way to turn phone numbers against us.

Consumers, as it turns out, often use their mobile numbers as their secondary form of identification for many online accounts. Enterprising cybercriminals can purchase a dummy phone, contact a consumer’s phone service provider and change the number from the consumer’s actual phone to the dummy phone. With the hacked phone number secured, they can then use it to reset the consumer’s digital accounts on any online portal where the phone is used as a back-up.

“My iPad restarted, my phone restarted and my computer restarted, and that’s when I got the cold sweats and was like, ‘OK, this is really serious,’” Chris Burniske, a cryptocurrency investor who lost control of his phone number late last year, told the The New York Times.

Other high profile victims of the cybersecurity breach include the chief technologist of the Federal Trade Commission (FTC). The hacked phone number trick is on the rise: In 2013, there were 1,038 such incidents reported; by January 2016, that number had increased to 2,658. Cybercriminals seem to prefer to target cryptocurrency users and traders for this particular form of fraud.

In the few minutes it took to get control of his phone, the cryptocurrency investor saw his virtual currency password change and his accounts drained of $150,000.

How common these cybersecurity attacks are remains a bit of a question mark, since victims are hesitant to come forward, but “dozens of prominent people” told the Times that the attacks were real and that they had been a victim to them.

“Everybody I know in the cryptocurrency space has gotten their phone number stolen,” said Joby Weeks, a bitcoin entrepreneur.

Starbucks Pulls an eCommerce Plug

It seems Starbucks has had enough of selling its wares online. According to news reports last week, Starbucks is getting out of the eCommerce game on Oct. 1.

The upside for consumers: everything on the Starbucks website is on sale, with products reduced by as much as 50 percent. And for bargain-hunting early holiday shoppers, there will be some pretty nice finds. Coffee brewers, espresso makers, mugs, glasses, coffees and teas will all be on sale.

For those who fear their shopping for Starbucks schwag days are over, fear not: The goods will remain available from other retailers, including grocery stores and Amazon.

Starbucks aims to stay in contact with its most loyal online shoppers to apprise them of product inventory information and which items are sold out, Starbucks’ spokesperson Maggie Jantzen told media outlets.

Despite the dip out of eCommerce, Starbucks will continue with its digital expansion efforts, most notably through the roll-out of expanded artificial intelligence technology to members of its rewards program this fall through its cloud-based Digital Flywheel program.

The technology will identify patterns in customers’ orders, then suggest new products or ensure consumer favorites are available. The program is also expected to send customized offers to customers based on the weather, day of the week or holidays.

“Starbucks is one of the best companies in the world that connects brand, user and consumer experience between digital, mobile and the real world,” Brian Solis, a principal analyst and futurist at business management consulting firm Altimeter, told TheStreet in an interview last month. “They are still pushing forward, rolling out their Digital Flywheel strategy to be more dynamic and to further integrate digital and real world.”

So, what did we learn this week? Turning yourself in doesn’t mean you still don’t get punished. Hackers have found a way to put literally any consumer data to ill-use (though lucky for everyday currency users they seem to vastly favor bitcoin enthusiasts). And Starbucks has decided that if you can’t beat ‘em, you may as well leave eCommerce to Amazon.