2015, Retail and Security - Information Management Today

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Security Affairs

SEPTEMBER 19, 2018

Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back, this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. Pierluigi Paganini.

Retail

Retail Computer and Electronics Data breaches Security

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Security Affairs

DECEMBER 17, 2019

LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its customers are in North America and Europe. “Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team discovered a leak in a database belonging to the online retailer LightInTheBox.” concludes the post.

Retail

Retail e-Discovery Data breaches Sales

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization. Pierluigi Paganini.

Data breaches

Data breaches Retail Access IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

In 2015, the company controlled 55% of the U.S. VF immediately began taking measures to remediate the attack and launched an investigation into the security breach. ” reads a Form 8-K filed with the Securities and Exchange Commission (SEC) on January 18, 2024. million customers. million individual consumers.”

Data breaches

Data breaches Passwords Retail Insurance

UK ICO Issues Unprecedented Fine Against Mobile Phone Retailer for Lax Security

Hunton Privacy

JANUARY 12, 2018

On January 8, 2017, the UK Information Commissioner (“ICO”) issued an unprecedented monetary penalty of £400,000 against British mobile phone retailer, The Car Phone Warehouse Limited. In its decision, the ICO meticulously detailed the chronology of events and technical failures that led to the breach.

Retail

Retail Personal data Security GDPR

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

JULY 29, 2020

McCoy and fellow NYU researchers found BriansClub earned close to $104 million in gross revenue from 2015 to early 2019, and listed over 19 million unique card numbers for sale. In 2015, the major credit card associations instituted new rules that made it riskier and potentially more expensive for U.S.

Sales

Sales Retail Military Paper

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

Security Affairs

AUGUST 22, 2018

Hackers claim to have stolen the personal details of almost 20,000 Superdrug customers who shopped online at the cosmetics retailer. The British Superdrug is the last victim of a security breach, hackers claim to have stolen the personal details of almost 20,000 people who shopped online at the cosmetics retailer.

Retail

Retail Data breaches Passwords Access

IBM X-Force Exchange Threat Intelligence Platform

eSecurity Planet

FEBRUARY 2, 2023

The top-ranked IBM X-Force Exchange threat intelligence platform (TIP) integrates enterprise-grade external security threat information with the tools a security professional needs to analyze how the threat might impact the organization. This article provides more in-depth information on the product and its features.

Retail

Retail Cloud Access Privacy

Nedbank client data compromised in security breach at third-party provider

Security Affairs

FEBRUARY 14, 2020

Nedbank bank announced on Thursday that a security breach at a third-party supplier has compromised the details of as many as 1.7 Nedbank bank disclosed on Thursday a security breach at a third-party supplier that has compromised the details of as many as 1.7 ” reads a security notice published by the bank.

Security

Security Marketing Retail Communications

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

Most online retailers grew wise to these scams years ago and stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. The stuffers use stolen cards to purchase high-value products from merchants and have the merchants ship the items to the drops’ address.

Marketing

Marketing Retail Blockchain Communications

Experts report a rampant growth in the number of malicious, lookalike domains

Security Affairs

NOVEMBER 18, 2019

Cyber security firm Venafi announced it has uncovered lookalike domains with valid TLS certificates that appear to target major retailers. is a private cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates. retailers with over 49,500 typosquatted domains.

Retail

Retail Encryption Phishing Authentication

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Manufacturing Ransomware Security

Security Affairs newsletter Round 245

Security Affairs

DECEMBER 22, 2019

The best news of the week with Security Affairs. Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs. Negative opinion of Italy security committee Copasir on Huawei, ZTE 5G solutions. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Security

Security Ransomware Passwords Data breaches

Bodybuilding.com forces password reset after a security breach

Security Affairs

APRIL 23, 2019

Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. ” reads the announcement published on the website.

Passwords

Passwords Security Retail Personal data

Hackers stole credit card data from JM Bullion online bullion dealer

Security Affairs

NOVEMBER 2, 2020

JM Bullion, the online retailer of products made of precious metals (i.e. JM Bullion has sent a ‘ Notice of Data Security Incident ‘ to its customers, the security breach took place on February 18, 2020, when its staff discovered a malicious script on its website. Pierluigi Paganini.

Data breaches

Data breaches Retail Security IT

MyPillow and Amerisleep are the latest victims of Magecart gangs

Security Affairs

MARCH 20, 2019

Security experts at riskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart cybercrime gang. Pierluigi Paganini.

Retail

Retail Security IT

T-Mobile Investigating Claims of Massive Data Breach

Krebs on Security

AUGUST 16, 2021

They claim one of those databases holds the name, date of birth, SSN, drivers license information, plaintext security PIN, address and phone number of 36 million T-Mobile customers in the United States — all going back to the mid-1990s. In at least one case , retail store employees were complicit in the account takeovers.

Data breaches

Data breaches Access Retail Sales

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Security Affairs

JUNE 15, 2020

based jewelry and accessory giant Claire’s, and its subsidiary Icing, the security breach took place in April and attackers may have gained access to customer’s credit cards. “Claire’s, a fashion retailer, closed all of its 3000 brick & mortar stores worldwide on March 20th. Pierluigi Paganini.

Retail

Retail Access Cybersecurity Security

Ritz hotel diners were victims of a sophisticated scam

Security Affairs

AUGUST 16, 2020

To cash out the payment card data obtained, the scammers attempted to make purchases at the catalogue retailer Argos. The scammers told the client of the hotel that her payment card had been declined, and asked her for a second bank card, then they tried to make several transactions in excess of £1,000 at the catalogue retailer Argos.

Retail

Retail Data breaches Security IT

SHEIN Data breach affected 6.42 million users

Security Affairs

SEPTEMBER 25, 2018

Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Passwords Cybersecurity

Toymaker giant Mattel disclosed a ransomware attack

Security Affairs

NOVEMBER 4, 2020

The company filed a 10-Q form with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware attack on July 28th, 2020. “A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer, or employee data was identified.

Ransomware

Ransomware Retail Encryption IT

The Risks In Using Third-Party Code

ForAllSecure

MARCH 11, 2021

BlackDuck Software uncovered that 67% of the applications they analyzed contained open source security vulnerabilities. Security is a top risk of using third-party code. Nefarious actors stole customer data, including names, social security numbers, birthdates, and home addresses. In September 2017, Equifax faced a data breach.

Risk

Risk Retail Data breaches Cybersecurity

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Krebs on Security

JANUARY 28, 2020

Wawa said the breach did not expose personal identification numbers (PINs) or CVV records (the three-digit security code printed on the back of a payment card). Most card breaches at restaurants and other brick-and-mortar stores occur when cybercriminals manage to remotely install malicious software on the retailer’s card-processing systems.

Sales

Sales Retail Security Encryption

Australia banned Huawei from 5G network due to security concerns

Security Affairs

AUGUST 25, 2018

Chinese-owned telecommunications firm Huawei has been banned from Australia’s 5G network due to security concerns. Has safely & securely delivered wireless technology in Aust for close to 15 yrs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Huawei is a world leader in 5G.

Security

Security Military Manufacturing Retail

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Krebs on Security

NOVEMBER 26, 2019

The United States is embarrassingly the last of the G20 nations to make the shift to more secure chip-based cards, which are far more expensive and difficult for criminals to counterfeit. Visa says for merchants who have completed the chip upgrade, counterfeit fraud dollars dropped 87 percent in March 2019 compared to September 2015.

Sales

Sales Marketing Retail Security

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Security firms have monitored the activities of a dozen groups at least since 2010. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Cloud Insurance

News Alert: W3C advances technology to streamline payment authentication

The Last Watchdog

JUNE 15, 2023

The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Publication of Secure Payment Confirmation as a Candidate Recommendation indicates that the feature set is stable and has received wide review.

Authentication

Authentication Communications Financial Services Retail

Dixons Carphone: 5.9 million payment cards compromised

IT Governance

JUNE 13, 2018

At this point, the major consumer electronics retailer said there was no evidence of any fraud. This isn’t the first time that the retailer has suffered a data breach. In 2015, the personal data of 2.4 Data security and GDPR compliance is a matter of urgency for all companies.

Retail

Retail Data breaches GDPR Compliance

The Risks In Using Third-Party Code

ForAllSecure

MARCH 11, 2021

BlackDuck Software uncovered that 67% of the applications they analyzed contained open source security vulnerabilities. Security is a top risk of using third-party code. Nefarious actors stole customer data, including names, social security numbers, birthdates, and home addresses. In September 2017, Equifax faced a data breach.

Risk

Risk Retail Data breaches Cybersecurity

Hacker who helped the ISIS will remain in US prison

Security Affairs

OCTOBER 9, 2020

He was arrested in Malaysia in September 2015 and transferred to the US to face trial. The collaboration between the IS hackers Hussain and Ferizi started in April 2015, according to the US authorities. The ISIS-linked hacker obtained the data by hacking into the US web hosting company’s servers on June 13, 2015.

Military

Military Government Retail Risk

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. “CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.” Pierluigi Paganini.

Retail

Retail Phishing Ransomware Access

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The 911 service as it existed until July 28, 2022. A cached copy of flashupdate[.]net

Data breaches

Data breaches Retail Sales Compliance

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

North Korea-linked Lazarus APT has been stealing payment card data from customers of large retailers in the U.S. Sansec researchers reported that North Korea-linked Lazarus APT group has been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year. and Europe for at least a year.

Retail

Retail Phishing Marketing IT

4 Industries That Have to Fight the Hardest Against Cyberattacks

Security Affairs

DECEMBER 4, 2018

Society’s dependence on internet-based technologies means security professionals must defend against cyberattacks as well as more traditional threats, such as robbers or disgruntled employees. More than 83 percent of organizations responding to a recent survey reported making new or improved organizational security enhancements.

Retail

Retail Cybersecurity Data breaches Risk

Freedom Mobile data breach impacts at least 15,000 customers

Security Affairs

MAY 9, 2019

Security researchers at vpnMentor discovered an unprotected database containing information belonging to Freedom Mobile customers. The database was secured on April 23. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Freedom Mobile is the fourth largest mobile network operator in Canada.

Data breaches

Data breaches Retail Encryption Communications

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

trillion by 2025, a 300% increase since 2015 1. Is business becoming dulled to the cyber security threat As cyber fears decrease, the technological risk landscape has fragmented, with executives nearly as concerned about the perceived threat posed by disruptive new technologies, such as AI, as the risk of cybercrime.

Risk

Risk Insurance Energy and Utilities Marketing

The Rise of the Bad Bots

Thales Cloud Protection & Licensing

APRIL 22, 2024

However, by 2015, bad bot traffic had fallen to its lowest historical level of 18.6%, mainly due to increased human traffic from China, India, and Indonesia. In 2013, when Imperva first launched the Bad Bot Report, bad bots comprised 23.6% of internet traffic, while good bots accounted for 19.4% and human traffic for 57%.

Digital transformation

Digital transformation Retail Access Encryption

Key Ring digital wallet exposes data of 14 Million users in data leak

Security Affairs

APRIL 6, 2020

The images include scans of government-issued IDs, retail club membership and loyalty cards, NRA membership cards, gift cards, credit cards with all details exposed (including CVV), medical insurance cards, medical marijuana ID cards, and more. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Encryption Insurance Passwords

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

” reads a security breach notice published by the company on its website. “Market supply is secure. Fuel sales at our retail locations continue unhindered. All payments are secure, whether it is a cash payment, an INA card or a bank card. INA is taking steps to remedy the system’s hassle.”

Ransomware

Ransomware Encryption Retail Sales

Security Affairs newsletter Round 181 – News of the week

Security Affairs

SEPTEMBER 23, 2018

The best news of the week with Security Affairs. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Newsletter ). A new round of the weekly SecurityAffairs newsletter arrived! Paper Copy.

Computer and Electronics

Computer and Electronics Security Mining Data breaches

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. We strongly recommend patching.

Authentication

Authentication Retail Passwords Ransomware

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

As a California-based provider of POS technology for the retail and hospitality sector, a successful infection would allow the group to obtain payment card data and later sell the information on online marketplaces.” “The specified targeting of the Clearmind domain fits well with FIN7’s preferred modus operandi.

Retail

Retail Sales Phishing IT

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Report: Threat of Emotet and Ryuk appeared first on Security Affairs.

Ransomware

Ransomware Retail Phishing Encryption

Decathlon Spain data leak exposed Spanish employees’ data & more

Security Affairs

FEBRUARY 25, 2020

Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by vpnMentor.

Archiving

Archiving Passwords Retail Education

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Webinars

Trending Sources

Staples discloses data breach exposing customer order data

Webinars

VF Corp December data breach impacts 35 million customers

UK ICO Issues Unprecedented Fine Against Mobile Phone Retailer for Lax Security

Here’s Why Credit Card Fraud is Still a Thing

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

IBM X-Force Exchange Threat Intelligence Platform

Nedbank client data compromised in security breach at third-party provider

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Experts report a rampant growth in the number of malicious, lookalike domains

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs newsletter Round 245

Bodybuilding.com forces password reset after a security breach

Hackers stole credit card data from JM Bullion online bullion dealer

MyPillow and Amerisleep are the latest victims of Magecart gangs

T-Mobile Investigating Claims of Massive Data Breach

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Ritz hotel diners were victims of a sophisticated scam

SHEIN Data breach affected 6.42 million users

Toymaker giant Mattel disclosed a ransomware attack

The Risks In Using Third-Party Code

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Australia banned Huawei from 5G network due to security concerns

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

US-based children’s clothing maker Hanna Andersson discloses a data breach

News Alert: W3C advances technology to streamline payment authentication

Dixons Carphone: 5.9 million payment cards compromised

The Risks In Using Third-Party Code

Hacker who helped the ISIS will remain in US prison

Russian TA505 threat actor target financial entities worldwide

911 Proxy Service Implodes After Disclosing Breach

North Korean Lazarus APT stole credit card data from US and EU stores

4 Industries That Have to Fight the Hardest Against Cyberattacks

Freedom Mobile data breach impacts at least 15,000 customers

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Rise of the Bad Bots

Key Ring digital wallet exposes data of 14 Million users in data leak

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs newsletter Round 181 – News of the week

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Report: Threat of Emotet and Ryuk

Decathlon Spain data leak exposed Spanish employees’ data & more

Stay Connected