LegalReader.com  ·  Legal News, Analysis, & Commentary


Latest Data Hack Compromises Card Data of 5M Saks Fifth Avenue and Lord & Taylor Customers


— April 2, 2018

Another data hack has occurred, this time compromising sensitive credit card data of more than five million customers who shopped at Saks Fifth Avenue and Lord & Taylor. According to Gemini Advisory, the cybersecurity research firm that identified the recent hack, the incident was orchestrated by a “well-known ring of Russian-speaking hackers known as Fin7 or JokerStash.” The research firm also said that the stolen information “appears to have been taken using software that was implanted into the cash register systems at the stores and that siphoned card numbers until last month.”



The data hack was confirmed yesterday by the corporation that owns both Saks Fifth Avenue and Lord & Taylor, the Hudson’s Bay Company. In a statement the corporation said:

“We have become aware of a data security issue involving customer payment card data at certain Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America. We have identified the issue, and have taken steps to contain it. Once we have more clarity on the facts, we will notify our customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”

In addition to the company’s statement, Hudson’s Bay claims the investigation into the matter is ongoing but that its “e-commerce platforms appeared to have been unaffected by the breach.” However, it has so far declined to mention “how many customer accounts or stores were affected.”

Data Hack Graphic; Image Courtesy of Markus Spiske via Unsplash, https://unsplash.com/

The cyber attack is one of the largest to hit a retailer and shines a spotlight on how difficult it is to “secure credit-card transaction systems despite the lessons learned from other large data breaches, such as the theft of 40 million card numbers from Target in 2013 and 56 million card numbers from Home Depot in 2014.” Then there was the massive Equifax hack that compromised sensitive data belonging to more than 145.5 million Americans.

As the investigation is still ongoing, Gemini Advisory pointed out that the hackers have so far posted 125,000 of the stolen records for sale and noted that Fin7 “did not disclose where the numbers had been obtained.” However, with a bit of research, the firm was able to narrow the stolen records down to cards that had been used at “Saks and Lord & Taylor stores, mostly in New York and New Jersey, from May 2017 to March 2018.”

What kind of software was installed on the cash registers and computers at the stores in question, though? Well, according to Gemini Advisory, “though it’s unclear exactly how the malware was installed in the stores’ checkout systems, it was most likely through phishing emails sent to Hudson’s Bay employees.” For those who don’t know, phishing attacks are when “hackers send seemingly legitimate emails to a company’s employees that encourage them to click on a link or attached file that secretly installs software on their computers, giving the attackers a backdoor into the systems.”

Sources:

Card Data Stolen From 5 Million Saks and Lord & Taylor Customers

Saks, Lord & Taylor hit by payment card data breach
