Rakuten sent us a statement: here it is in its entirety.
Dear Valued Rakuten Customer:
As one of the world’s leading online retail marketplaces, we are committed to delivering outstanding customer service and retail operations in every respect; ensuring and improving data security is a fundamental aspect of our commitment.
Recently, we have become aware of customers who have reported experiencing unapproved charges at other sites after using their credit cards at Rakuten.com. We take reports of this nature very seriously and have investigated these reports in great depth. We have conducted our own internal investigation, hired a specialist in credit card processing, and hired a leading third-party technical forensics company. To date, neither we nor our hired experts have been able to identify any breach of our systems that would explain any of these reports. We are nonetheless continuing to investigate the matter and will promptly take steps to rectify any concerns we uncover.
Additionally, we have undertaken efforts to further enhance our security procedures. This includes implementing a “token” method of processing credit cards. Under this method, the credit card information our customers provide is converted into a “token” to be used for that transaction. In addition, we have enhanced many of our security practices concerning the use of credit cards and other sensitive information.
We are committed to maintaining the security of information our customers entrust to us and dedicated to addressing any problems in this area. If you have experienced any problems, please alert us right away so that we can promptly address the issue by contacting the head of customer experience on 877-880-1030 Ext. 2095. Any information you share could also help us to continue improving the security of shopping online.
Bernard Luthi, Chief Marketing & Operating Officer, Rakuten.com