UPDATED 21:53 EDT / APRIL 01 2018

INFRA

Up to 5M credit card numbers stolen in hack of Saks Fifth Avenue and Lord & Taylor

Upto 5 million customers of Saks Fifth Avenue, Saks Off Fifth and Lord & Taylor may have had their credit data stolen after a cybercrime syndicate was found to be offering to sell the details.

Discovered by Gemini Data and announced today, the theft of the data is believed to have begun in May 2017 and may still be ongoing, with records stolen from stores in New York state, New Jersey and three locations in Canada. The syndicate was offering the data on the dark web, a shady part of the internet reachable through special software.

The hackers, identified as the JokerStash online crime syndicate, also known as Fin7, revealed their possession of the data on the dark web March 28. Initially they offered to sell only 125,000 records, with the rest likely to be offered for sale in the near future.

Fin7 has been linked to multiple retail hacks in the past including Whole Foods Market Inc., Chipotle Mexican Grill Inc. and Omni Hotels. Those were all point-of-sale systems hacks involving the infection of POS terminals with malware, and this is also the likely case here.

Dmitry Chorine, Gemini Data’s co-founder and chief technology officer, told the Guardian that he also suspects POS malware. “The hackers’ method was to send cleverly crafted phishing emails to company employees, especially managers, supervisors and other key decision-makers,” he said. “Once an employee clicks on [an] attachment, which is often made to look like an invoice, the system gets infected.”

Hudson Bay Co., the parent company of both Saks and Lord & Talyor, confirmed the hack in a statement Sunday. It said there’s no indication yet that this affects the company’s e-commerce or other digital platforms, Hudson’s Bay, Home Outfitters or HBC Europe.

“HBC wanted to reach out to customers quickly to assure them that they will not be liable for fraudulent charges that may result from this matter,” the company said. “HBC has identified the issue, and has taken steps to contain it. Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”

Photo: Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU