Information Security, Retail and Sales - Information Management Today

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Communications Passwords

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

Retail giant Home Depot has agreed to a $17.5 The US largest home improvement retailer giant Home Depot agrees to $17.5 According to the US retailer the payment card information of approximately 40 million Home Depot consumers nationwide. Online customers were not impacted by the security breach. ” . .

Retail

Retail Data breaches Information Security Security awareness

Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

Security Affairs

JANUARY 15, 2023

The Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed Magecart attack. Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed a Magecart attack on January 10, 2023. ” reads a company’s statement.

Retail

Retail Sales Passwords Cybersecurity

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Security Affairs

JANUARY 18, 2021

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years. .” The post German laptop retailer fined €10.4m

Retail

Retail GDPR Sales Privacy

Sweden’s liquor supply severely impacted by ransomware attack on logistics company

Security Affairs

APRIL 25, 2024

Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5% It operates stores across Sweden and is responsible for the retail sale of wine, spirits, and strong beer. “It

Ransomware

Ransomware Retail Sales Government

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Data Matters

APRIL 6, 2022

Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. Private Fund, ESG Investing, Retail Investors, Cybersecurity, Fintech, and Digital Assets. Investment Advisers and Investment Companies . The Division’s focus in this space is largely on perennial issues.

Retail

Retail Compliance Sales Risk

Wawa card breach: 30 million card records for sale in the dark web

Security Affairs

JANUARY 29, 2020

N ew revelations on the Wawa card data breach suggests that the incident might have exposed 30 million customers’ data that are now available online for sale. In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems.

Sales

Sales Data breaches Retail Security

Black Friday and Cyber Monday, crooks are already at work

Security Affairs

NOVEMBER 19, 2022

Below are some of the subject lines observed by Bitdefender: black friday sale louis vuitton bags up to 86 off shop online now. black friday sale 70 rabatt auf sofort (aimed at German shoppers). The report provides details about some of the Black Friday scams analyzed by the experts, such as Louis Vuitton and Ray Ban sales scams.

Sales

Sales Retail Phishing Passwords

CNIL Adopts Its First Sanction as Lead Supervisory Authority, Fining French Online Shoe Retailer

Hunton Privacy

AUGUST 11, 2020

On August 5, 2020, the French Data Protection Authority (the “CNIL”) announced that it has levied a fine of €250,000 on French online shoe retailer, Spartoo, for various infringements of the EU General Data Protection Regulation (“GDPR”). Spartoo is a French-based company specializing in online shoe sales. Background.

Retail

Retail GDPR IT Personal data

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Security Affairs

DECEMBER 21, 2022

CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Millions of sensitive documents, from sales to system information, were accessible. Original post @ [link].

Retail

Retail Manufacturing Sales Phishing

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

Security Affairs

DECEMBER 3, 2020

E-Land Retail suffered a ransomware attack, Clop ransomware operators claim to have stolen 2 million credit cards from the company. E-Land Retail is a South Korean conglomerate headquartered in Changjeon-dong Mapo-gu Seoul, South Korea. ” reads the security breach notice.

Ransomware

Ransomware Retail Encryption Sales

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

The company produces video doorbells under the brand names EKEN and Tuck, its products are by major retailers, including Amazon, Walmart, Shein, Sears and Temu. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd.

Manufacturing

Manufacturing Retail Sales Communications

REvil gang exploited a zero-day in the Kaseya supply chain attack

Security Affairs

JULY 4, 2021

Ciaran Martin , former head of the NCSC , provided disconcerting info about the supply chain ransomware attack that disrupted 20% of Swedish food retail capacity, pharmacies, train ticket sales. “So ransomware can push itself to systems.

Ransomware

Ransomware Retail Sales Encryption

Ransomware attack disrupted store operations in the Netherlands and Germany

Security Affairs

NOVEMBER 8, 2021

Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. MediaMarkt operates in 13 countries and employs approximately 53,000 employees and has a total sales of approximately €21 billion. The sales online were not affected by the security incident.

Ransomware

Ransomware Computer and Electronics Retail Sales

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

million OpenSea records for sale on hacking forum A cyber criminal known as ‘bossmoves90004’ claims to have exfiltrated 6.9 million data records from the NFT (non-fungible token) marketplace OpenSea, which they have offered for sale on a hacking forum. Source (New) Retail Italy Yes 436,932 Toner-dumping.de TB Paysign, Inc.

Data Privacy

Data Privacy Privacy Security Data breaches

Former Microsoft worker sentenced to nine years in prison for stealing $10+ million

Security Affairs

NOVEMBER 11, 2020

Kvashuk is a Ukrainian citizen living in Renton, Washngton, was responsible for helping test Microsoft’s online retail sales platform. The man was involved in the testing of Microsoft’s online retail sales platform and abused testing access to steal “currency stored value” (CSV) such as digital gift cards.

Retail

Retail Sales Access IT

Acer suffered the second security breach in a few months

Security Affairs

OCTOBER 14, 2021

Taiwanese electronics technology giant Acer discloses a security breach suffered by its after-sales service systems in India after an isolated attack. Bad news for the Taiwanese electronics technology giant Acer, it disclosed a second security breach this year. We are notifying all potentially affected customers in India. .”

Computer and Electronics

Computer and Electronics Sales Security Retail

Acer suffers a second data breach in a week

Security Affairs

OCTOBER 20, 2021

Last week the company revealed that its after-sales service systems in India were hit by an isolated attack. The incident was disclosed after threat actors have advertised the sale of more than 60 GB of data on an underground cybercrime forum. In response to the intrusion, Acer Taiwan took down the compromised server.

Data breaches

Data breaches Sales Retail Ransomware

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. It is probably the data put up for sale on RaidForum, now relase for free!

Data breaches

Data breaches Retail Sales Ransomware

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight Data scraping site taken offline after billions of Discord users’ messages offered for sale A data scraping website called Spy.pet has been taken offline after harvesting more than 4 billion messages made by almost 630 million Discord users and offering them for sale.

Data Privacy

Data Privacy Privacy Manufacturing Security

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

Security Affairs

JUNE 17, 2021

The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakç?l, l, has found a major breach in popular online retailer Cosmolog Kozmetik’s database. Hundreds of thousands of users were compromised in the breach. What’s Happening?

Data breaches

Data breaches Retail Privacy Sales

TicketClub Italy Database Offered in Dark Web

Security Affairs

JULY 21, 2021

A database belonging to TicketClub Italy, a company providing coupons platform for offline purchases, is available for sale on darkweb hacking forums. The information has been originally published at RaidForums which are known for the illegal selling of any data loss from Internet portals and insecure online services. .

Data breaches

Data breaches Sales Retail Phishing

GUEST ESSAY: Did you know these 5 types of digital services are getting rich off your private data?

The Last Watchdog

NOVEMBER 5, 2018

During the Dakota Pipeline Protests, Facebook sold the private chat messages of its users who were discussing the matter to the FBI and local police, as well as private security companies who further reported inside information directly to the pipeline company.

Privacy

Privacy Sales Access Big data

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Security Affairs

JANUARY 9, 2019

Early 2014, the high-end retailer confirmed a data breach, the incident happened a few weeks after the clamorous data breach at US giant retailer Target. At the time, Neiman Marcus had 79 stores and reported total sales of $1.1 Tens of attorneys general announced this week a $1.5 billion in the Q4 2013.

Data breaches

Data breaches Retail Sales Personal data

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Security Affairs

DECEMBER 5, 2022

“In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries. Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators.

Retail

Retail Sales Passwords IT

Top 10 tips to stay safe online

IT Governance

DECEMBER 8, 2017

It will come as no surprise that Christmas is by far the busiest period for online shopping , with online sales accounting for £25 billion during Christmas 2016 (IMRG Capgemini e-Retail Sales Index, January 2017). The festive period is an ideal time for cyber criminals to strike. billion this Christmas.

Sales

Sales Retail Security awareness Risk

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

JANUARY 24, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Cybersecurity

Cybersecurity Retail Compliance Marketing

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Armstrong Archives

DECEMBER 19, 2023

No matter the size of a business, a well-defined record retention policy serves multiple purposes: ensuring compliance with legal and regulatory requirements, aiding in efficient document management, and securing sensitive information. Also, their policies must be tailored to their specific industry requirements and business size.

Compliance

Compliance Archiving Digital transformation Sales

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Data Matters

FEBRUARY 20, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Retail

Retail Compliance Marketing Risk

New AlienFox toolkit harvests credentials for tens of cloud services

Security Affairs

MARCH 30, 2023

AlienFox is available for sale and is primarily distributed on Telegram in the form of source code archives. The most recent version of AlienFox, Version 4, shows a totally different structure, it has added WordPress, Joomla, Drupal, Prestashop, Magento, and Opencart targeting, an Amazon.com retail site account checker.

Cloud

Cloud Mining Retail Sales

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

The messages used weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript backdoor, in an attack aimed at a US point-of-sale (PoS) service provider. “The specified targeting of the Clearmind domain fits well with FIN7’s preferred modus operandi.

Retail

Retail Sales Phishing IT

Hackers stole card details from BriansClub carding site

Security Affairs

OCTOBER 20, 2019

BriansClub, one of the biggest a dark web “carding store,” which specializes in the sale of stolen payment card data, has been hacked. . at ), one of the biggest black market sites, that specializes in the sale of stolen credit card data. million card records for sale, in 2016, 2.89 million card records for sale, in 2016, 2.89

Sales

Sales Retail Archiving Marketing

Experts spotted five malicious Google Chrome extensions used by 1.4M users

Security Affairs

AUGUST 31, 2022

Researchers spotted 5 malicious Google Chrome extensions used to track users’ browsing activity and profit of retail affiliate programs. McAfee researchers discovered five malicious Google Chrome extensions with a total install base of over 1,400,000.

Retail

Retail Sales Authentication Privacy

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Name, address, billing information, and credit card info is thought to be compromised. Hannah Anderson was breached. Notices started going out there 15th.

Data breaches

Data breaches Retail Cloud Insurance

Prominent Carding Marketplace UniCC announced it’s shutting down

Security Affairs

JANUARY 15, 2022

“Hundreds of millions of payment card details have been stolen from online retailers, banks and payments companies before being sold for cryptocurrency on online marketplaces such as UniCC.” billion in sales with Bitcoin alone. ” reads the analysis published by Elliptic Threat Intel.

Marketing

Marketing Retail Sales Ransomware

Danish company Demant expects to incur losses of up to $95 after cyber attack

Security Affairs

OCTOBER 1, 2019

The impact is predominately related to the estimated lost sales and on the growth momentum. “Approximately half of the estimated lost sales relates to our hearing aid wholesale business. We estimate that our retail business will see the biggest impact in Australia, the US and Canada followed by the UK.

Sales

Sales Ransomware Retail Insurance

Security Affairs newsletter Round 390

Security Affairs

OCTOBER 23, 2022

Multiple supply chains potentially impacted Bulgaria hit by a cyber attack originating from Russia Interpol arrested 75 members of the cybercrime ring Black Axe 45,654 VMware ESXi servers reached End of Life on Oct.

Security

Security Data breaches Ransomware Retail

DoJ announced to have shut down Slilpp marketplace in international operation

Security Affairs

JUNE 11, 2021

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Retail

Retail Sales Passwords IT

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

“The group’s shifting monetization methods—from point-of-sale (POS) malware in 2018, to ransomware in 2019, and hybrid extortion in 2020—is part of a larger trend in which criminal actors have increasingly focused on post-compromise ransomware deployment and data theft extortion.” ” reads the analysis published by FireEye.

Ransomware

Ransomware IT Healthcare Phishing

Did H&M spy on its German employees? Privacy watchdog opens an investigation

Security Affairs

JANUARY 27, 2020

A German p rivacy watchdog is investigating into clothing retailer H&M because it was allegedly spying on its customer service representatives in Germany. Let’s remind that according to EU GDPR law, H&M could face a fine of four percent of global annual sales. Pierluigi Paganini. SecurityAffairs – H&M, privacy).

Privacy

Privacy IT Retail Sales

Global Scamdemic: Scams Become Number One Online Crime

Security Affairs

JUNE 10, 2021

In 2020, a multi-stage scam called Rabbit Hole targeted companies’ brands, primarily retail and online services. The scheme is aimed at people using marketplaces and services related to property rentals, hotel bookings, online bank transfers, online retail stores, ridesharing and deliveries.

Phishing

Phishing Retail Insurance Risk

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

” reads a security breach notice published by the company on its website. “Market supply is secure. Fuel sales at our retail locations continue unhindered. All payments are secure, whether it is a cash payment, an INA card or a bank card. INA is taking steps to remedy the system’s hassle.”

Ransomware

Ransomware Encryption Retail Sales

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Malware-based anonymity networks are a major source of unwanted and malicious web traffic directed at online retailers, Internet service providers (ISPs), social networks, email providers and financial institutions.

Analytics

Analytics Passwords Systems administration Retail

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

Security Affairs

JULY 28, 2019

A report published by cybersecurity firm Sixgill revealed that data for over 23 million payment card were offered for sale in the cybercrime underground. The report, titled “ Underground financial fraud report “, provides interesting details about the sale of stolen financial data in the Dark Web. .

Sales

Sales Marketing Encryption Retail

Volvo retailer leaks sensitive files

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Trending Sources

Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Sweden’s liquor supply severely impacted by ransomware attack on logistics company

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Wawa card breach: 30 million card records for sale in the dark web

Black Friday and Cyber Monday, crooks are already at work

CNIL Adopts Its First Sanction as Lead Supervisory Authority, Fining French Online Shoe Retailer

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

Eken camera doorbells allow ill-intentioned individuals to spy on you

REvil gang exploited a zero-day in the Kaseya supply chain attack

Ransomware attack disrupted store operations in the Netherlands and Germany

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Former Microsoft worker sentenced to nine years in prison for stealing $10+ million

Acer suffered the second security breach in a few months

Acer suffers a second data breach in a week

2021 data breach exposed data of 70 Million Luxottica customers

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

TicketClub Italy Database Offered in Dark Web

GUEST ESSAY: Did you know these 5 types of digital services are getting rich off your private data?

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Top 10 tips to stay safe online

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

New AlienFox toolkit harvests credentials for tens of cloud services

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Hackers stole card details from BriansClub carding site

Experts spotted five malicious Google Chrome extensions used by 1.4M users

US-based children’s clothing maker Hanna Andersson discloses a data breach

Prominent Carding Marketplace UniCC announced it’s shutting down

Danish company Demant expects to incur losses of up to $95 after cyber attack

Security Affairs newsletter Round 390

DoJ announced to have shut down Slilpp marketplace in international operation

FIN11 gang started deploying ransomware to monetize its operations

Did H&M spy on its German employees? Privacy watchdog opens an investigation

Global Scamdemic: Scams Become Number One Online Crime

Croatia’s largest petrol station chain INA group hit by ransomware attack

Who and What is Behind the Malware Proxy Service SocksEscort?

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

Stay Connected