article thumbnail

It’s time to think twice about retail loyalty programs

Thales Cloud Protection & Licensing

As I was starting to write this blog, yet another retail program data breach occurred, for Marriott’s Starwood loyalty program. In this case, it looks as though the attackers had been on the Starwood network for somewhere around three years, mining out their reservations database (keep in mind that Marriott only acquired Starwood in 2016 ).

Retail 66
article thumbnail

Wipro Intruders Targeted Other Major IT Firms

Krebs on Security

The subdomains listed above suggest the attackers may also have targeted American retailer Sears ; Green Dot , the world’s largest prepaid card vendor; payment processing firm Elavon ; hosting firm Rackspace ; business consulting firm Avanade ; IT provider PCM ; and French consulting firm Capgemini , among others. internal-message[.]app.

IT 192

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

6 ecommerce trends to watch

IBM Big Data Hub

Some forecasts suggest online retail might be responsible for half of all retail revenues by next year. In what McKinsey refers to as “the e-commerce catch-22,” many retailers with significant growth in ecommerce sales through 2020 and 2021 saw their margins decline.

Retail 85
article thumbnail

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

In September 2016, MrMurza sent a message to all iSocks users saying the service would soon be phased out in favor of Faceless, and that existing iSocks users could register at Faceless for free if they did so quickly — before Faceless began charging new users registration fees between $50 and $100. Image: Darkbeast/

Passwords 235
article thumbnail

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

According to the company, they have over 600,000 Cameras and 50,000 Recorders installed all over the world in multiple sectors such as Banking, Retail, Government, etc. “Another notable spike to mention is IPS detections related to MVPower CCTV DVR models (CVE-2016-20016) also known as JAWS webserver RCE.

article thumbnail

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Krebs on Security

. “The cyber criminals typically create fraudulent copies of legitimate cards by sending stolen card data to co-conspirators who imprint the data on reusable magnetic strip cards, such as gift cards purchased at retail stores,” the FBI warned. All told, the attackers managed to siphon almost $570,000 in the 2016 attack.

Phishing 214
article thumbnail

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Krebs on Security

.” Gemini’s director of research Stas Alforov stressed that some of the 30 million cards advertised for sale as part of this BIGBADABOOM batch may in fact be sourced from breaches at other retailers, something Joker’s Stash has been known to do in previous large batches. The company found the median price of U.S.

Sales 307