2014, Retail and Security - Information Management Today

Home Depot Settles 2014 Breach Lawsuit for $17.5 Million

Data Breach Today

NOVEMBER 25, 2020

Home Supply Retailer Must Also Implement Several Cybersecurity Protocols The Home Depot reached a $17.5 million settlement in a class-action lawsuit stemming from a 2014 data breach that compromised the payment card data of 40 million of the retailer's customers.

Retail

Retail Data breaches Cybersecurity Security

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. for stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. Vrublevsky Sr.

Retail

Retail Ransomware Marketing Healthcare

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Security Affairs

DECEMBER 17, 2019

LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its customers are in North America and Europe. “Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team discovered a leak in a database belonging to the online retailer LightInTheBox.” concludes the post.

Retail

Retail e-Discovery Data breaches Archiving

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Security Affairs

SEPTEMBER 19, 2018

Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back, this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. Pierluigi Paganini.

Retail

Retail Computer and Electronics Data breaches Security

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

Department of Justice (DOJ) today unsealed an indictment against a 38-year-old man from Novosibirsk, Russia for allegedly operating Joker’s Stash, an extremely successful carding shop that came online in late 2014. Alex Holden is founder of the Milwaukee-based cybersecurity firm Hold Security.

Ransomware

Ransomware Retail Government Sales

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization. Pierluigi Paganini.

Data breaches

Data breaches Retail Access Security

Retailers must upgrade online credit card processing security by June 30

Data Protection Report

JUNE 22, 2018

By June 30, 2018, retailers accepting digital (online) credit card transactions must cease using encryption protocols known as SSL or TLS 1.0. Retailers must transition to TLS 1.1 Note also that Nevada law requires compliance with the Payment Card Industry Data Security Standards (PCI DSS) with respect to Nevada cardholders.

Retail

Retail Encryption Security Compliance

Security Affairs newsletter Round 291

Security Affairs

NOVEMBER 29, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 291 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security

Security Data breaches Ransomware Retail

Nedbank client data compromised in security breach at third-party provider

Security Affairs

FEBRUARY 14, 2020

Nedbank bank announced on Thursday that a security breach at a third-party supplier has compromised the details of as many as 1.7 Nedbank bank disclosed on Thursday a security breach at a third-party supplier that has compromised the details of as many as 1.7 ” reads a security notice published by the bank.

Security

Security Marketing Retail Communications

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

Security Affairs

AUGUST 22, 2018

Hackers claim to have stolen the personal details of almost 20,000 Superdrug customers who shopped online at the cosmetics retailer. The British Superdrug is the last victim of a security breach, hackers claim to have stolen the personal details of almost 20,000 people who shopped online at the cosmetics retailer.

Retail

Retail Data breaches Passwords Access

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Manufacturing Ransomware Security

Experts report a rampant growth in the number of malicious, lookalike domains

Security Affairs

NOVEMBER 18, 2019

Cyber security firm Venafi announced it has uncovered lookalike domains with valid TLS certificates that appear to target major retailers. is a private cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates. retailers with over 49,500 typosquatted domains.

Retail

Retail Encryption Phishing Authentication

Hackers stole credit card data from JM Bullion online bullion dealer

Security Affairs

NOVEMBER 2, 2020

JM Bullion, the online retailer of products made of precious metals (i.e. JM Bullion has sent a ‘ Notice of Data Security Incident ‘ to its customers, the security breach took place on February 18, 2020, when its staff discovered a malicious script on its website. Pierluigi Paganini.

Data breaches

Data breaches Retail Security IT

Bodybuilding.com forces password reset after a security breach

Security Affairs

APRIL 23, 2019

Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Security Retail Personal data

Neiman Marcus discloses data breach, payment card data exposed

Security Affairs

OCTOBER 1, 2021

Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer information. Exposed personal information includes names and contact information, usernames, passwords, and answers to security questions associated with online accounts. The security breach impacted 4.6

Data breaches

Data breaches Retail Passwords Access

Security Affairs newsletter Round 245

Security Affairs

DECEMBER 22, 2019

The best news of the week with Security Affairs. Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs. Negative opinion of Italy security committee Copasir on Huawei, ZTE 5G solutions. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Security

Security Ransomware Passwords Data breaches

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. We strongly recommend patching.

Authentication

Authentication Retail Passwords Security

Toymaker giant Mattel disclosed a ransomware attack

Security Affairs

NOVEMBER 4, 2020

The company filed a 10-Q form with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware attack on July 28th, 2020. “A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer, or employee data was identified.

Ransomware

Ransomware Retail Encryption IT

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Since at least 2014, experts at FireEye have observed the APT32 group targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. Now the Facebook security team has revealed the real identity of APT32 , linking the group to an IT company in Vietnam named CyberOne Group. .

Agriculture

Agriculture IT Retail Manufacturing

Ritz hotel diners were victims of a sophisticated scam

Security Affairs

AUGUST 16, 2020

To cash out the payment card data obtained, the scammers attempted to make purchases at the catalogue retailer Argos. The scammers told the client of the hotel that her payment card had been declined, and asked her for a second bank card, then they tried to make several transactions in excess of £1,000 at the catalogue retailer Argos.

Retail

Retail Data breaches Security IT

MyPillow and Amerisleep are the latest victims of Magecart gangs

Security Affairs

MARCH 20, 2019

Security experts at riskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart cybercrime gang. Pierluigi Paganini.

Retail

Retail Security IT

Who Stole 3.6M Tax Records from South Carolina?

Krebs on Security

APRIL 16, 2024

The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed. “At the time, it was one of the largest breaches in U.S.

Sales

Sales Retail Insurance IT

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Security Affairs

JUNE 15, 2020

based jewelry and accessory giant Claire’s, and its subsidiary Icing, the security breach took place in April and attackers may have gained access to customer’s credit cards. “Claire’s, a fashion retailer, closed all of its 3000 brick & mortar stores worldwide on March 20th. Pierluigi Paganini.

Retail

Retail Access Cybersecurity Security

Australia banned Huawei from 5G network due to security concerns

Security Affairs

AUGUST 25, 2018

Chinese-owned telecommunications firm Huawei has been banned from Australia’s 5G network due to security concerns. Has safely & securely delivered wireless technology in Aust for close to 15 yrs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Huawei is a world leader in 5G.

Security

Security Military Manufacturing Retail

SHEIN Data breach affected 6.42 million users

Security Affairs

SEPTEMBER 25, 2018

Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Passwords Cybersecurity

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Security firms have monitored the activities of a dozen groups at least since 2010. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Cloud Insurance

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

Mandiant researchers highlighted an important with operations conducted by the TA505 cybercrime gang (aka Evil Corp ), which has been active since 2014 focusing on retail and banking sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, FIN11).

Ransomware

Ransomware IT Healthcare Phishing

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

These laws aim to establish standards for securing data, ensuring privacy, and mitigating risks associated with digital information. By enforcing these regulations, governments seek to enhance the overall security posture of businesses and institutions, reduce the likelihood of cyber incidents, and promote trust in the digital ecosystem.

Cybersecurity

Cybersecurity Computer and Electronics Compliance Privacy

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Security Affairs

JANUARY 9, 2019

million settlement with The Neiman Marcus Group LLC over a data breach suffered by the company in 2013 and disclosed earlier 2014. Early 2014, the high-end retailer confirmed a data breach, the incident happened a few weeks after the clamorous data breach at US giant retailer Target. billion in the Q4 2013. .

Data breaches

Data breaches Retail Sales Personal data

Decathlon Spain data leak exposed Spanish employees’ data & more

Security Affairs

FEBRUARY 25, 2020

Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by vpnMentor.

Archiving

Archiving Passwords Retail Education

Security Affairs newsletter Round 181 – News of the week

Security Affairs

SEPTEMBER 23, 2018

The best news of the week with Security Affairs. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Newsletter ).

Computer and Electronics

Computer and Electronics Security Mining Data breaches

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

” reads a security breach notice published by the company on its website. “Market supply is secure. Fuel sales at our retail locations continue unhindered. All payments are secure, whether it is a cash payment, an INA card or a bank card. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Encryption Retail Sales

Key Ring digital wallet exposes data of 14 Million users in data leak

Security Affairs

APRIL 6, 2020

The images include scans of government-issued IDs, retail club membership and loyalty cards, NRA membership cards, gift cards, credit cards with all details exposed (including CVV), medical insurance cards, medical marijuana ID cards, and more. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Encryption Insurance Passwords

Wawa card breach: 30 million card records for sale in the dark web

Security Affairs

JANUARY 29, 2020

In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this breach is potentially one of the biggest card incidents in 2019. ” concludes Gemini. Pierluigi Paganini.

Sales

Sales Data breaches Retail Security

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Retail Phishing Encryption

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

North Korea-linked Lazarus APT has been stealing payment card data from customers of large retailers in the U.S. Sansec researchers reported that North Korea-linked Lazarus APT group has been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year. and Europe for at least a year.

Retail

Retail Phishing Marketing IT

4 Industries That Have to Fight the Hardest Against Cyberattacks

Security Affairs

DECEMBER 4, 2018

Society’s dependence on internet-based technologies means security professionals must defend against cyberattacks as well as more traditional threats, such as robbers or disgruntled employees. More than 83 percent of organizations responding to a recent survey reported making new or improved organizational security enhancements.

Retail

Retail Cybersecurity Data breaches Risk

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware IT Retail Manufacturing

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. It is the largest office furniture manufacturer in the world.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

Breach at Cloud Solution Provider PCM Inc.

Krebs on Security

JUNE 27, 2019

One security expert at a PCM customer who was recently notified about the incident said the intruders appeared primarily interested in stealing information that could be used to conduct gift card fraud at various retailers and financial institutions. earlier this year.

Cloud

Cloud Retail Access Government

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices. Recently, Faceless has shown ambitions beyond just selling access to poorly-secured IoT devices. ” Russian corporate records indicate this entity was liquidated in 2021.

Passwords

Passwords IoT Sales Retail

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. In June, security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware.

Ransomware

Ransomware Retail Manufacturing Encryption

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. “CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.” Pierluigi Paganini.

Retail

Retail Phishing Ransomware Access

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

FEBRUARY 11, 2020

A security expert discovered that the Cosmetic firm Estée L auder exposed 440 million records online in a database that was left unsecured. The security expert Jeremiah Fowler discovered an unsecured database belonging to the Cosmetic firm Estée L auder that contained 440,336,852 records. ” concluded the post. Pierluigi Paganini.

Archiving

Archiving Retail Manufacturing Passwords

Home Depot Settles 2014 Breach Lawsuit for $17.5 Million

An Interview With the Target & Home Depot Hacker

Trending Sources

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Staples discloses data breach exposing customer order data

Retailers must upgrade online credit card processing security by June 30

Security Affairs newsletter Round 291

Nedbank client data compromised in security breach at third-party provider

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

Hackers hit Luxottica, production stopped at two Italian plants

Experts report a rampant growth in the number of malicious, lookalike domains

Hackers stole credit card data from JM Bullion online bullion dealer

Bodybuilding.com forces password reset after a security breach

Neiman Marcus discloses data breach, payment card data exposed

Security Affairs newsletter Round 245

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Toymaker giant Mattel disclosed a ransomware attack

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Ritz hotel diners were victims of a sophisticated scam

MyPillow and Amerisleep are the latest victims of Magecart gangs

Who Stole 3.6M Tax Records from South Carolina?

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Australia banned Huawei from 5G network due to security concerns

SHEIN Data breach affected 6.42 million users

US-based children’s clothing maker Hanna Andersson discloses a data breach

FIN11 gang started deploying ransomware to monetize its operations

2024 Cybersecurity Laws & Regulations

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Decathlon Spain data leak exposed Spanish employees’ data & more

Security Affairs newsletter Round 181 – News of the week

Croatia’s largest petrol station chain INA group hit by ransomware attack

Key Ring digital wallet exposes data of 14 Million users in data leak

Wawa card breach: 30 million card records for sale in the dark web

Report: Threat of Emotet and Ryuk

North Korean Lazarus APT stole credit card data from US and EU stores

4 Industries That Have to Fight the Hardest Against Cyberattacks

Nefilim ransomware gang published Luxottica data on its leak site

Steelcase office furniture giant hit by Ryuk ransomware attack

Breach at Cloud Solution Provider PCM Inc.

Giving a Face to the Malware Proxy Service ‘Faceless’

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Russian TA505 threat actor target financial entities worldwide

440M records found online in unprotected database belonging to Estée Lauder

Stay Connected