2015 and Retail - Information Management Today

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Security Affairs

SEPTEMBER 19, 2018

Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back, this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. Pierluigi Paganini.

Retail

Retail Computer and Electronics Data breaches Security

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Security Affairs

DECEMBER 17, 2019

LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its customers are in North America and Europe. “Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team discovered a leak in a database belonging to the online retailer LightInTheBox.” Pierluigi Paganini.

Retail

Retail e-Discovery Data breaches Archiving

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization. Pierluigi Paganini.

Data breaches

Data breaches Retail Access Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

Security Affairs

AUGUST 22, 2018

Hackers claim to have stolen the personal details of almost 20,000 Superdrug customers who shopped online at the cosmetics retailer. The British Superdrug is the last victim of a security breach, hackers claim to have stolen the personal details of almost 20,000 people who shopped online at the cosmetics retailer. Pierluigi Paganini.

Retail

Retail Data breaches Passwords Access

Experts report a rampant growth in the number of malicious, lookalike domains

Security Affairs

NOVEMBER 18, 2019

Cyber security firm Venafi announced it has uncovered lookalike domains with valid TLS certificates that appear to target major retailers. The number is doubled compared to last year, the study revealed that less than 19,890 certificates have been issued for legitimate retail domains. retailers with over 49,500 typosquatted domains.

Retail

Retail Encryption Phishing Authentication

Checkers, Rally's Burger Joints Hit By POS Malware

Data Breach Today

MAY 31, 2019

Infections Started in 2015 and Ran Through April Checkers Drive-In Restaurants says 102 of its 900 U.S. locations were hit with point-of-sale malware, with one California restaurant infected over a more than two-year period starting in December 2015.

Retail

Retail Sales IT

MyPillow and Amerisleep are the latest victims of Magecart gangs

Security Affairs

MARCH 20, 2019

Security experts at riskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart cybercrime gang. Pierluigi Paganini.

Retail

Retail Security IT

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

North Korea-linked Lazarus APT has been stealing payment card data from customers of large retailers in the U.S. Sansec researchers reported that North Korea-linked Lazarus APT group has been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year. and Europe for at least a year.

Retail

Retail Phishing Marketing IT

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Security Affairs

JUNE 15, 2020

Claire’s is an American retailer of accessories, jewelry, and toys primarily aimed toward girls, tweens and teens, it has over 2,000 locations in North America and Europe, and 6,794 concession locations and 546 franchised stores in other regions. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Access Cybersecurity Security

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Manufacturing Ransomware Security

SHEIN Data breach affected 6.42 million users

Security Affairs

SEPTEMBER 25, 2018

Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Passwords Cybersecurity

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

“CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.” ” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. .

Retail

Retail Phishing Ransomware Access

Toymaker giant Mattel disclosed a ransomware attack

Security Affairs

NOVEMBER 4, 2020

“A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer, or employee data was identified. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the 10-Q form. Pierluigi Paganini.

Ransomware

Ransomware Retail Encryption IT

Key Ring digital wallet exposes data of 14 Million users in data leak

Security Affairs

APRIL 6, 2020

The images include scans of government-issued IDs, retail club membership and loyalty cards, NRA membership cards, gift cards, credit cards with all details exposed (including CVV), medical insurance cards, medical marijuana ID cards, and more. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Encryption Insurance Passwords

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Cloud Insurance

4 Industries That Have to Fight the Hardest Against Cyberattacks

Security Affairs

DECEMBER 4, 2018

The retail industry is cyclical, so certain times of the year — including the holiday season or when kids go back to school — are particularly busy. Despite those risks, retailers make blunders when budgeting for cybersecurity. happened at retail establishments. A recent report found 50 percent of all data breaches in the U.S.

Retail

Retail Cybersecurity Data breaches Risk

Freedom Mobile data breach impacts at least 15,000 customers

Security Affairs

MAY 9, 2019

Freedom Mobile attempted to downplay the incident saying that the total records stored in the unprotected database were related to only 15,000 customers who had opened or made any changes to their accounts at 17 Freedom Mobile retail locations between March 25 and April 16.

Data breaches

Data breaches Retail Encryption Communications

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Analyzing the general distribution of the compromised domains, grouped by category, it is possible to verify that the most affected were as follows: professional/companies (20.2%), personal (13.5%), retail (12.7%) and industry (11.9%). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. DOWNLOAD FULL REPORT.

Ransomware

Ransomware Retail Phishing Encryption

Hackers stole credit card data from JM Bullion online bullion dealer

Security Affairs

NOVEMBER 2, 2020

JM Bullion, the online retailer of products made of precious metals (i.e. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. JM Bullion, the leading online bullion dealer in the United States, has disclosed a data breach, hackers stole customers’ credit card information. Pierluigi Paganini.

Data breaches

Data breaches Retail Security IT

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Security Affairs

SEPTEMBER 22, 2018

Scan4you service allows its customers to develop malicious codes that were used to steal millions of payment cards from retail stores across the world, it has been estimated that overall losses account for $20.5 ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. billion. . Pierluigi Paganini.

Retail

Retail IT Security

Decathlon Spain data leak exposed Spanish employees’ data & more

Security Affairs

FEBRUARY 25, 2020

Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by vpnMentor.

Archiving

Archiving Passwords Retail Education

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

JULY 29, 2020

McCoy and fellow NYU researchers found BriansClub earned close to $104 million in gross revenue from 2015 to early 2019, and listed over 19 million unique card numbers for sale. In 2015, the major credit card associations instituted new rules that made it riskier and potentially more expensive for U.S.

Sales

Sales Retail Military Paper

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Security Affairs

MARCH 30, 2020

One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Prevent zero-day attacks with a holistic, end to end cyber architecture.

Communications

Communications Retail Authentication Government

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

Fuel sales at our retail locations continue unhindered. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads a security breach notice published by the company on its website. “Market supply is secure. All payments are secure, whether it is a cash payment, an INA card or a bank card.

Ransomware

Ransomware Encryption Retail Sales

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” states the report.

Retail

Retail Libraries Government Phishing

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

As a California-based provider of POS technology for the retail and hospitality sector, a successful infection would allow the group to obtain payment card data and later sell the information on online marketplaces.” “The specified targeting of the Clearmind domain fits well with FIN7’s preferred modus operandi.

Retail

Retail Sales Phishing IT

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

FEBRUARY 11, 2020

Estée L auder is an American multinational manufacturer and marketer of p restige skincare, makeup, fragrance and hair care p roducts, it owns multiple brands, distributed internationally through both digital commerce and retail channels. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Archiving

Archiving Retail Manufacturing Passwords

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Security Affairs

JANUARY 9, 2019

Early 2014, the high-end retailer confirmed a data breach, the incident happened a few weeks after the clamorous data breach at US giant retailer Target. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Tens of attorneys general announced this week a $1.5 billion in the Q4 2013. Pierluigi Paganini.

Data breaches

Data breaches Retail Personal data Sales

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

In 2015, the company controlled 55% of the U.S. The incident interrupted retail store inventory replenishment and delayed order fulfillment. American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 million customers.

Data breaches

Data breaches Passwords Retail Insurance

Ritz hotel diners were victims of a sophisticated scam

Security Affairs

AUGUST 16, 2020

To cash out the payment card data obtained, the scammers attempted to make purchases at the catalogue retailer Argos. The scammers told the client of the hotel that her payment card had been declined, and asked her for a second bank card, then they tried to make several transactions in excess of £1,000 at the catalogue retailer Argos.

Data breaches

Data breaches Retail Security IT

Hacker who reported a flaw in Hungarian Magyar Telekom faces up to 8-years in jail

Security Affairs

FEBRUARY 3, 2019

This second vulnerability could have allowed an attacker to access all public and retail mobile and data traffic, and monitor the servers of the firm. “Negotiations were stalled, but the programmer continued to search for a more serious vulnerability that could allow access to all public and retail mobile and data traffic.”

Retail

Retail Risk Access Security

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

AUGUST 21, 2019

As people have growing opportunities to shop online, the chances for hackers to carry out lucrative cyberattacks in the retail sector also go up. Statistics from 2016 showed that the average cost per compromised retail record was $172. People are becoming less tolerant of retailers that have widescale data breaches.

Cybersecurity

Cybersecurity Retail Manufacturing Data breaches

Hacker who helped the ISIS will remain in US prison

Security Affairs

OCTOBER 9, 2020

He was arrested in Malaysia in September 2015 and transferred to the US to face trial. The collaboration between the IS hackers Hussain and Ferizi started in April 2015, according to the US authorities. The ISIS-linked hacker obtained the data by hacking into the US web hosting company’s servers on June 13, 2015.

Military

Military Government Retail Personal data

Breach at Dickey’s BBQ Smokes 3M Cards

Krebs on Security

OCTOBER 15, 2020

The NYU researchers found BriansClub earned close to $104 million in gross revenue from 2015 to early 2019, and listed over 19 million unique card numbers for sale. Dominitz said he never imagined back in 2015 when he founded Q6Cyber that we would still be seeing so many merchants dealing with magstripe-based data breaches.

Sales

Sales Data breaches Retail Ransomware

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

Mandiant researchers highlighted an important with operations conducted by the TA505 cybercrime gang (aka Evil Corp ), which has been active since 2014 focusing on retail and banking sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, FIN11).

Ransomware

Ransomware IT Healthcare Phishing

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. It is the largest office furniture manufacturer in the world.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. An industry leader in multiple U.S. Department of Justice (DoJ) has charged Russian citizens Maksim V. (32)

Ransomware

Ransomware Retail Manufacturing Encryption

Leicester City Football Club disclosed a card breach

Security Affairs

JUNE 2, 2019

“Upon discovery of the breach, the security of our retail platform was immediately restored and appropriate measures were taken to ensure the security of all other online assets.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the statement issued by the company.

Retail

Retail Cybersecurity Security IT

Lumber Liquidators hit by malware attack that took down its network

Security Affairs

AUGUST 29, 2019

Lumber Liquidators, a leading specialty retailer of hard-surface flooring in North America, announced that a malware attack took down its network. North American hard-surface flooring retailer Lumber Liquidators revealed that it was victim of a security incident, a malware-based attack took down part of its network for nearly a week. .

IT

IT Retail Security Information Security

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

” The TA505 group was first spotted by Proofpoint back 2017, it has been active at least since 2015 and targets organizations in financial and retail industries. “On December 13, 2018, we observed another large ServHelper “downloader” campaign targeting retail and financial services customers.”

IT

IT Financial Services Ransomware Retail

Did H&M spy on its German employees? Privacy watchdog opens an investigation

Security Affairs

JANUARY 27, 2020

A German p rivacy watchdog is investigating into clothing retailer H&M because it was allegedly spying on its customer service representatives in Germany. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. In the coming weeks, the data protection officer would decide the fines for this case.

Privacy

Privacy IT Retail GDPR

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Security Affairs

APRIL 27, 2019

“Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise, such as retail point-of-sale or industrial control systems.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the analysis published by Cisco Talos.

Passwords

Passwords IoT Sales Authentication

Amazon is investigating allegations that its staff is selling customer data

Security Affairs

SEPTEMBER 18, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Retailer, data leak ). The company is concerned by fake reviews by purported customers, the company started the investigation months ago. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IT

IT Retail Sales Security

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. At the end of September, DHS CISA issued an emergency directive to tells government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday.

Authentication

Authentication Retail Passwords Security

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Webinars

Trending Sources

Staples discloses data breach exposing customer order data

Webinars

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

Experts report a rampant growth in the number of malicious, lookalike domains

Checkers, Rally's Burger Joints Hit By POS Malware

MyPillow and Amerisleep are the latest victims of Magecart gangs

North Korean Lazarus APT stole credit card data from US and EU stores

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Hackers hit Luxottica, production stopped at two Italian plants

SHEIN Data breach affected 6.42 million users

Russian TA505 threat actor target financial entities worldwide

Toymaker giant Mattel disclosed a ransomware attack

Key Ring digital wallet exposes data of 14 Million users in data leak

US-based children’s clothing maker Hanna Andersson discloses a data breach

4 Industries That Have to Fight the Hardest Against Cyberattacks

Freedom Mobile data breach impacts at least 15,000 customers

Report: Threat of Emotet and Ryuk

Hackers stole credit card data from JM Bullion online bullion dealer

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Decathlon Spain data leak exposed Spanish employees’ data & more

Here’s Why Credit Card Fraud is Still a Thing

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Croatia’s largest petrol station chain INA group hit by ransomware attack

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

440M records found online in unprotected database belonging to Estée Lauder

State attorneys general announced a $1.5 million settlement with Neiman Marcus

VF Corp December data breach impacts 35 million customers

Ritz hotel diners were victims of a sophisticated scam

Hacker who reported a flaw in Hungarian Magyar Telekom faces up to 8-years in jail

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Hacker who helped the ISIS will remain in US prison

Breach at Dickey’s BBQ Smokes 3M Cards

FIN11 gang started deploying ransomware to monetize its operations

Steelcase office furniture giant hit by Ryuk ransomware attack

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Leicester City Football Club disclosed a card breach

Lumber Liquidators hit by malware attack that took down its network

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Did H&M spy on its German employees? Privacy watchdog opens an investigation

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Amazon is investigating allegations that its staff is selling customer data

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Stay Connected