How Not to Acknowledge a Data Breach

Krebs on Security

I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. corporations (spoiler alert: the second half of this story actually contains quite a bit of news about the breach investigation).

Target Sues Insurer Over 2013 Data Breach Costs

Data Breach Today

Lawsuit Claims Insurer Owes Retailer for Coverage of Card Replacement Costs Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Magecart Hits Macy's: Retailer Discloses Data Breach

Dark Reading

The retail giant discovered malicious code designed to capture customer data planted on its payment page

Are Data Breaches the New Reality for Retail?

Thales eSecurity

As digital transformation takes hold, the retail industry is under siege from cyber criminals and nation states attempting to steal consumers’ personal information, credit card data and banking information. retailers experiencing a breach in the last year. Data Breach

Magecart Spies Payment Cards From Retailer Vision Direct

Data Breach Today

Card-Sniffing JavaScript Posed as Google Analytics Script on Retailer's Sites Online contact lens retailer Vision Direct says it suffered a data breach that exposed customers' names and complete payment card details.

Retail 234

How data breaches are affecting the retail industry

IT Governance

Data breaches. What steps will the ICO (Information Commissioner’s Office) take to ensure organisations comply with the recently enforced GDPR (General Data Protection Regulation)? How will customers, suppliers and partners react to organisations that suffer a breach?

SHEIN Data breach affected 6.42 million users

Security Affairs

Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach.

Wawa Data Breach: Malware Stole Customer Payment Card Info


Breach data breach malware payment card theft point of sale pos retail breach Wawa Wawa breachWawa said that payment-processing system malware had potentially affected all 850 of its locations.

BA data breach: 565,000 customers may have been affected

IT Governance

In September, British Airways announced it had suffered a data breach that compromised the personal and financial data of more than 380,000 customers. Is your organisation prepared for a data breach?

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

With organisations across the globe turned upside down by the COVID-19 pandemic, there has never been a worse time to suffer a data breach or cyber attack. Australia’s Defence Force Recruiting systems were taken offline after security breach (unknown). Data breaches.

Retailer Leaked Hundreds of Internal Passwords on Pastebin

Krebs on Security

and founded in 1856, privately-held Orvis is the oldest mail-order retailer in the United States. The company has approximately 1,700 employees, 69 retail stores and 10 outlets in the US, and 18 retail stores in the UK. Data backup services. Netflow data.

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform.

3 ways a data breach can occur

IT Governance

We’ve talked a lot recently about the financial effects of data breaches and how you should respond to incidents , but that still leaves the question of how data breaches occur. Accidental breaches are impossible to eradicate, because people inevitably make mistakes.

Freedom Mobile data breach impacts at least 15,000 customers

Security Affairs

Canadian Freedom Mobile mobile network operator exposed the details of many customers, including their payment card data. All the data was encrypted. According to the Globe and Mail , and the data leak was caused by the third-party company Apptium Technologies.

Adidas data breach

IT Governance

On 28 June 2018, athletic apparel company Adidas announced that its US website had suffered a data breach , exposing online customers’ personal data. The breach was detected on 26 June. Cyber Security EU GDPR Retail

Heathrow Airport fined £120,000 for data breach

IT Governance

The ICO (Information Commissioner’s Office) has fined Heathrow Airport £120,000 for failing to secure sensitive personal data after a member of public found an unencrypted USB stick containing data about the airport’s staff. How did the data breach occur?

Canada's Fitness Depot Alerts Customers to Data Breach

Dark Reading

The retailer reports cybercriminals infected its online store and used a fraudulent form to steal shoppers' information

Customers lose confidence – data breaches aren’t just about fines

IT Governance

A recent survey by Ping Identity shows that customers move away from brands that have suffered data breaches. Data breaches are now a common occurrence – big-name brands affected in 2018 include FIFA , British Airways , Vision Direct , Eurostar and Marriott. It is essential for organisations of all types and sizes to do their absolute best to reduce the risks of a data breach. Following a data breach, 78% of people would stop engaging with a brand online.

E-Skimming Strikes Again: Macy’s Confirms Magecart Data Breach

Adam Levin

Macy’s has informed customers of an e-skimming data breach following the discovery of Magecart malware on its website. In a letter to affected customers, the retailer said that it had detected malware on its e-commerce website on October 15 and that it had been active for a little over a week. . Magecart attacks are a growing threat to online retailers and e-commerce sites, where rogue code is inserted into sites to “skim” customer card information.

70,000 affected in B&Q data breach

IT Governance

Home improvement retailer B&Q has suffered a data breach affecting 70,000 of its… well, not customers, exactly. The breached database contained a list of people who had been caught stealing products from B&Q stores.

Retail in 2019 needs security precautions

Thales eSecurity

As the retail industry follows suit with today’s digital transformation, customer expectations are at an all-time high. Retailers are looking to address these demands with interconnected experiences to give customers more personalized and immediate experiences both in-stores and online.

List of data breaches and cyber attacks in October 2019 – 421 million records breached

IT Governance

In a month where security experts across Europe were boosting awareness of cyber security , organisations had mixed results in their own data protection practices. It was also a particularly bad month for the UK, with 9 confirmed breaches. Data breaches.

Morrisons heads to the Supreme Court over data breach

IT Governance

The Supreme Court has given Morrisons permission to appeal a ruling that found the supermarket liable for a data breach caused by a malicious insider. Morrisons has lost two cases related to its March 2014 data breach , in which Andrew Skelton, a senior internal auditor at the supermarket’s Bradford office, leaked the payroll data of 99,998 employees. Skelton was arrested soon after leaking the data and in July 2015 was sentenced to eight years in prison.

Has the cause of the BA data breach been identified?

IT Governance

The latest news reports claim that the cause of the data breach has been identified by a RiskIQ researcher, who has analysed the code from BA’s website and app. They say that there is evidence of a “skimming” script designed to scrape data from online payment forms.

Retailers increase cyber security spending, but attacks continue to rise

IT Governance

The UK’s biggest retailers are spending more than ever on cyber security but are continuing to see an alarming rise in cyber attacks and data breaches due to the ever-evolving threat landscape, a report has found. Are retailers investing wisely? Retail

List of data breaches and cyber attacks in November 2019 – 1.34 billion records breached

IT Governance

It was a big month for data breaches this month, with a confirmed 1,341,147,383 records being exposed in 87 incidents. Here is a full list of data breaches in November – as always, those affecting the UK are listed in bold. breached in suspected phishing attack (unknown).

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Security Affairs

LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its customers are in North America and Europe. TB of data, totaling over 1.5 billion records, it also included data from their subsidiary sites such as

Retailers Face Many Challenges, Data Security Doesn’t Have to be One of the Them

Thales eSecurity

Business is booming and data is flowing. Retailers and shoppers are leveraging and enjoying many benefits data sharing brings: loyalty programs, personalized experiences, easier product location and ordering, online shopping, mobile access and the list goes on. Data security

Sports retail giant Decathlon leaks 123 million customer and employee records

IT Governance

Decathlon, the world’s largest sporting goods retailer, has suffered a massive data breach, affecting 123 million customer and employee records. It contained information from the retailer’s Spanish businesses and potentially its UK stores.

International clothing chain C&A in Brazil suffered a data breach

Security Affairs

The clothing chain C&A in Brazil suffered a cyber attack on its gift card/exchange system last week, hackers leaked data on Pastebin. The International fashion retail clothing chain C&A in Brazil suffered a data breach, the company confirmed hackers hit its gift card platform.

Superdrug’s customers affected in data breach

IT Governance

Yesterday evening, Superdrug contacted its customers about a data breach affecting a reported 20,000 individuals. Were they breach ready? As we often say, all organisations should prepare themselves for a data breach. Their statement also makes no comment about informing the ICO (Information Commissioner’s Office) about this data breach. Cyber Security Retail

Dixons Carphone faces ?400m fine following biggest online data breach in UK history

IT Governance

Little more than three years since its previous security incident, electronics retailer Dixons Carphone has admitted to a data breach compromising 5.9 million personal records – making it the biggest online data breach in UK history.

Prompt notification would ease pain of data breaches, survey reveals

Information Management Resources

At the same time, consumers hold banks to tougher disclosure standards than government agencies, health care organizations and retailers, according to Experian. Cyber security Data security Data breaches

Dixons Carphone hit with £500,000 fine for massive data breach

IT Governance

An investigation by the UK’s data protection watchdog found cyber criminals had compromised the retailer’s payment systems and siphoned off the credit and debit card information of 14 million customers. Breach management as a service.


Dixons Carphone Data Breach discovered in June affected 10 Million customers

Security Affairs

Dixons Carphone announced on Monday that the security breach discovered in June affected around 10 million customers, much more than the initial estimate. In June it was estimated that hackers accessed data of 1.2 Security Affairs –Carphone Warehouse, data breach).

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

Security Affairs

Hackers claim to have stolen the personal details of almost 20,000 Superdrug customers who shopped online at the cosmetics retailer. ” Superdrug tried to downplay the incident, sustaining that the hackers obtained the credentials from third-party data breaches.

Forever 21 Informs Shoppers of Data Breach

Dark Reading

Forever 21 learned an unauthorized actor may have accessed payment card data at certain retail stores