Data Breach Today

OCTOBER 11, 2019

23 Million Victims Across US, UK, EU and Australia Receive Breach Notifications Personalized product retailer CafePress has been hit with a lawsuit alleging that it failed to notify 23 million customers about a data breach in a timely manner or follow security best practices.

Retail 179

Retail Security Data breaches Passwords 179

IT Governance

FEBRUARY 26, 2020

Decathlon, the world’s largest sporting goods retailer, has suffered a massive data breach, affecting 123 million customer and employee records. Cyber security researchers at vpnMentor found a leaky database on a publicly accessible Elasticsearch server. Customers’ email addresses and login information were also compromised.

Retail 131

Retail Phishing Data breaches Education 131

Hunton Privacy

AUGUST 11, 2020

On August 5, 2020, the French Data Protection Authority (the “CNIL”) announced that it has levied a fine of €250,000 on French online shoe retailer, Spartoo, for various infringements of the EU General Data Protection Regulation (“GDPR”). Background. Spartoo is a French-based company specializing in online shoe sales. CNIL Decision.

Retail 114

Retail GDPR IT Personal data 114

Security Affairs

APRIL 23, 2019

Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. ” reads the announcement published on the website.

Passwords 70

Passwords Security Retail Personal data 70

Thales Cloud Protection & Licensing

JANUARY 10, 2022

How Can We Secure The Future of Digital Payments? The biggest challenge for both retailers and financial organizations was the rapidness of that change. Without it, it’s close to impossible for an organization to act securely and in accordance with rules and regulations. Advice for secure digital payments.

Retail 126

Retail Security Financial Services Authentication 126

Krebs on Security

JULY 23, 2018

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. A YubiKey Security Key made by Yubico. a mobile device).

Phishing 223

Phishing Security Authentication Passwords 223

Krebs on Security

AUGUST 10, 2022

Indeed, security-minded readers have often alerted KrebsOnSecurity about spam to specific aliases that suggested a breach at some website, and usually they were right, even if the company that got hacked didn’t realize it at the time. Importantly, you don’t ever use this alias anywhere else. What about you, Dear Reader?

Security 210

Security Data breaches Passwords Retail 210

Security Affairs

JANUARY 19, 2024

VF immediately began taking measures to remediate the attack and launched an investigation into the security breach. ” reads a Form 8-K filed with the Securities and Exchange Commission (SEC) on January 18, 2024. VF immediately began taking measures to remediate the attack and launched an investigation into the security breach.

Data breaches 116

Data breaches Passwords Retail Insurance 116

Security Affairs

JANUARY 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 94

Artificial Intelligence Data breaches Security Ransomware 94

Krebs on Security

OCTOBER 1, 2021

30 , the FCC said it plans to move quickly on requiring the mobile companies to adopt more secure methods of authenticating customers before redirecting their phone number to a new device or carrier. In a long-overdue notice issued Sept. ” The FCC said the proposal was in response to a flood of complaints to the agency and the U.S.

Passwords 288

Passwords Authentication Communications Retail 288

Krebs on Security

APRIL 18, 2023

In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices. Recently, Faceless has shown ambitions beyond just selling access to poorly-secured IoT devices. The password chosen by this user was “ 1232.” In 2013, U.S.

Passwords 231

Passwords IoT Sales Retail 231

Security Affairs

OCTOBER 21, 2022

Electricity company EnergyAustralia suffered a security breach, threat actors had access to information on 323 customers. EnergyAustralia is the country’s third-largest energy retailer. “It added that impacted customers had been contacted by text and email on October 2 with a prompt to reset their passwords.”. .”

Security 58

Security Passwords Retail Access 58

Security Affairs

APRIL 12, 2024

The security firm pointed out that this is the first TA547 group to use this malware family. The TA547 group sent emails to the victims impersonating the German retail company Metro, purportedly related to invoices. The messages contain a password-protected ZIP file containing an LNK file when opened.

Retail 105

Retail Passwords IT Security 105

Thales Cloud Protection & Licensing

NOVEMBER 20, 2022

How to Secure Access for your Seasonal Workers. As the holiday season approaches, many retail, hospitality, logistics, and food manufacturing organizations hire seasonal workers to meet increasing demand. The Bureau of Labor Statistics reports a 7% job rise in the retail industry. Mon, 11/21/2022 - 05:36.

Access 71

Access Retail Security Authentication 71

Security Affairs

JANUARY 30, 2021

The company detected the security breach on January 6, 2021, and determined that the intrusion took place early this year, on January 4th, 2021. Then threat actors tricked UScellular employees working in retail stores into downloading and installing malicious software. ” reads the USCellular data breach notification.

Data breaches 141

Data breaches Retail Passwords Access 141

IT Governance

FEBRUARY 21, 2019

This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy’s $50 million data breach settlement. Each password manager also attempted to scrub secrets from memory.

Passwords 76

Passwords Data breaches Retail Government 76

Security Affairs

OCTOBER 1, 2021

Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer information. Exposed personal information includes names and contact information, usernames, passwords, and answers to security questions associated with online accounts. The security breach impacted 4.6

Data breaches 94

Data breaches Retail Passwords Access 94

Krebs on Security

AUGUST 16, 2018

Unauthorized SIM swaps often are perpetrated by fraudsters who have already stolen or phished a target’s password, as many banks and online services rely on text messages to send users a one-time code that needs to be entered in addition to a password for online authentication. On June 11, 2017, Terpin’s phone went dead.

Security 227

Security Authentication Passwords Phishing 227

Krebs on Security

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. Constella also shows the email address zankomario@gmail.com used the password “dugidox2407.”

Access 245

Access Passwords Sales Retail 245

Security Affairs

NOVEMBER 15, 2020

Retail giant The North Face has reset the passwords for some of its customers in response to a successful credential stuffing attack. Outdoor retail giant The North Face has forced a password reset for a number of its customers following a successful credential stuffing attack that took place on October 8th and 9th.

Passwords 118

Passwords Retail Data breaches Access 118

The Texas Record

NOVEMBER 1, 2017

Isn’t it fun to use different passwords for all of the dozens of accounts you use and just when you think you’ve got them memorized you’re forced to change them every few months? The standards on password usage are changing. Well, let me share some good news. Past ‘Best’ Practices. Like this: TxRecBi#1!

Passwords 69

Passwords Authentication Retail Access 69

IT Governance

FEBRUARY 28, 2019

This week, we discuss ICANN’s warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers’ responses to recent research into security flaws, and the European Data Protection Supervisor’s annual report for 2018. We often talk about the perils of password reuse.

Passwords 73

Passwords GDPR Retail Government 73

IT Governance

OCTOBER 26, 2021

Welcome to our third quarterly review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of cyber attacks and data breaches. In this article, you’ll find an overview of the cyber security landscape from the past three months, including the latest statistics and our observations.

Data breaches 130

Data breaches Retail Government Ransomware 130

Security Affairs

JANUARY 24, 2024

Impacted customers include Sweden’s largest cinema chain Filmstaden (the attack disrupted its online ticket system) and the discount retail chain Rusta. ” BleepingComputer first reported that the security breach was the result of an Akira ransomware attack. Tietoevry notified law enforcement and impacted customers.

Ransomware 111

Ransomware Government Retail Cloud 111

Hunton Privacy

JUNE 8, 2021

As reported on the Hunton Retail Law Resource blog , this week, the Federal Trade Commission voted 3 to 1 to accept a settlement agreement with MoviePass, Inc., The information allegedly was stored such that it was “accessible to any parties with an internet connection” after MoviePass failed to maintain and manage security controls.

Security 104

Security Marketing Passwords Retail 104

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. The investigation into the security breach is still ongoing. “We Luxottica Group S.p.A.

Data breaches 91

Data breaches Retail Sales Ransomware 91

Security Affairs

AUGUST 22, 2018

Hackers claim to have stolen the personal details of almost 20,000 Superdrug customers who shopped online at the cosmetics retailer. The British Superdrug is the last victim of a security breach, hackers claim to have stolen the personal details of almost 20,000 people who shopped online at the cosmetics retailer.

Retail 44

Retail Data breaches Passwords Access 44

IT Governance

JANUARY 9, 2020

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year. Ransomware will continue to increase. How should you prepare?

Security 98

Security IoT Phishing Ransomware 98

Security Affairs

JANUARY 30, 2023

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. JD Sports does not hold full payment card data and, further, has no reason to believe that account passwords were accessed.” According to the company, account passwords were compromised.

Data breaches 92

Data breaches e-Delivery Passwords Retail 92

Security Affairs

NOVEMBER 19, 2022

Other campaigns observed by the experts invited recipients to claim gift cards from popular retailers like Home Depot. In this case, the spam messages include links to fake online survey pages that have nothing to do with the retailer’s gift card. The experts also published a guide for a secure holiday shopping.

Sales 142

Sales Retail Phishing Passwords 142

Thales Cloud Protection & Licensing

MARCH 14, 2023

It’s estimated that more than 20% of retail sales will come from eCommerce in 2023 (rising to nearly 25% in 2026), illustrating the magnitude of digital transactions. It’s not only consumers and retailers taking notice of this trend, of course. Privacy and data protection are not the only things consumers expect from a retailer.

Privacy 71

Privacy Retail Customer Experience B2C 71

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. “Looking at network telemetry, we were able to confirm that we saw victims talking back to it on various ports.”

Analytics 201

Analytics Passwords Systems administration Retail 201

Krebs on Security

FEBRUARY 1, 2024

In a SIM-swapping attack, the crooks transfer the target’s phone number to a device they control, allowing them to intercept any text messages or phone calls sent to the victim, including one-time passcodes for authentication or password reset links sent via SMS. ” “FTX had, it seemed, hit rock bottom. residents. .”

Blockchain 233

Blockchain Ransomware Retail Analytics 233

Security Affairs

FEBRUARY 10, 2022

Do not provide your mobile number account information over the phone to representatives that request your account password or pin. Use a variation of unique passwords to access online accounts. Do not store passwords, usernames, or other information for easy login on mobile device applications.

Authentication 93

Authentication Passwords Retail Education 93

Hunton Privacy

OCTOBER 19, 2022

On October 12, 2022, New York Attorney General Letitia James announced that her office had secured a $1.9 million penalty from e-commerce retailer Zoetop, owner of SHEIN and ROMWE, following an improperly handled data breach. In addition to paying New York $1.9 In addition to paying New York $1.9

Data breaches 64

Data breaches Passwords Retail Cybersecurity 64

Security Affairs

MAY 29, 2019

The threat group is also known for its recent attack campaign against Bank and Retail business sectors, but the latest evidence indicates a potential expansion of its criminal operation to other industries too. The “-p” parameter, indeed, specify the password of the archive to be extracted. Part of extracted macro. exe” (SFX).

IT 69

IT Retail Archiving File names 69

Hunton Privacy

JANUARY 12, 2018

On January 8, 2017, the UK Information Commissioner (“ICO”) issued an unprecedented monetary penalty of £400,000 against British mobile phone retailer, The Car Phone Warehouse Limited. In its decision, the ICO meticulously detailed the chronology of events and technical failures that led to the breach.

Retail 40

Retail Personal data Security GDPR 40