2015, Retail and Security - Information Management Today

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Security Affairs

SEPTEMBER 19, 2018

Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back, this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. Pierluigi Paganini.

Retail

Retail Computer and Electronics Data breaches Security

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Security Affairs

DECEMBER 17, 2019

LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its customers are in North America and Europe. “Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team discovered a leak in a database belonging to the online retailer LightInTheBox.” concludes the post.

Retail

Retail e-Discovery Data breaches Archiving

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization. Pierluigi Paganini.

Data breaches

Data breaches Retail Access Security

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Nedbank client data compromised in security breach at third-party provider

Security Affairs

FEBRUARY 14, 2020

Nedbank bank announced on Thursday that a security breach at a third-party supplier has compromised the details of as many as 1.7 Nedbank bank disclosed on Thursday a security breach at a third-party supplier that has compromised the details of as many as 1.7 ” reads a security notice published by the bank.

Security

Security Marketing Retail Communications

Bodybuilding.com forces password reset after a security breach

Security Affairs

APRIL 23, 2019

Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. ” reads the announcement published on the website.

Passwords

Passwords Security Retail Personal data

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Manufacturing Ransomware Security

Experts report a rampant growth in the number of malicious, lookalike domains

Security Affairs

NOVEMBER 18, 2019

Cyber security firm Venafi announced it has uncovered lookalike domains with valid TLS certificates that appear to target major retailers. is a private cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates. retailers with over 49,500 typosquatted domains.

Retail

Retail Encryption Phishing Authentication

MyPillow and Amerisleep are the latest victims of Magecart gangs

Security Affairs

MARCH 20, 2019

Security experts at riskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart cybercrime gang. Pierluigi Paganini.

Retail

Retail Security IT

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Security Affairs

JUNE 15, 2020

based jewelry and accessory giant Claire’s, and its subsidiary Icing, the security breach took place in April and attackers may have gained access to customer’s credit cards. “Claire’s, a fashion retailer, closed all of its 3000 brick & mortar stores worldwide on March 20th. Pierluigi Paganini.

Retail

Retail Access Cybersecurity Security

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

Security Affairs

AUGUST 22, 2018

Hackers claim to have stolen the personal details of almost 20,000 Superdrug customers who shopped online at the cosmetics retailer. The British Superdrug is the last victim of a security breach, hackers claim to have stolen the personal details of almost 20,000 people who shopped online at the cosmetics retailer.

Retail

Retail Data breaches Passwords Access

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Security firms have monitored the activities of a dozen groups at least since 2010. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Cloud Insurance

Hackers stole credit card data from JM Bullion online bullion dealer

Security Affairs

NOVEMBER 2, 2020

JM Bullion, the online retailer of products made of precious metals (i.e. JM Bullion has sent a ‘ Notice of Data Security Incident ‘ to its customers, the security breach took place on February 18, 2020, when its staff discovered a malicious script on its website. Pierluigi Paganini.

Data breaches

Data breaches Retail Security IT

SHEIN Data breach affected 6.42 million users

Security Affairs

SEPTEMBER 25, 2018

Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Passwords Cybersecurity

Toymaker giant Mattel disclosed a ransomware attack

Security Affairs

NOVEMBER 4, 2020

The company filed a 10-Q form with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware attack on July 28th, 2020. “A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer, or employee data was identified.

Ransomware

Ransomware Retail Encryption IT

Croatia’s largest petrol station chain INA group hit by ransomware attack

Security Affairs

FEBRUARY 20, 2020

” reads a security breach notice published by the company on its website. “Market supply is secure. Fuel sales at our retail locations continue unhindered. All payments are secure, whether it is a cash payment, an INA card or a bank card. INA is taking steps to remedy the system’s hassle.”

Ransomware

Ransomware Encryption Retail Sales

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

North Korea-linked Lazarus APT has been stealing payment card data from customers of large retailers in the U.S. Sansec researchers reported that North Korea-linked Lazarus APT group has been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year. and Europe for at least a year.

Retail

Retail Phishing Marketing IT

Decathlon Spain data leak exposed Spanish employees’ data & more

Security Affairs

FEBRUARY 25, 2020

Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by vpnMentor.

Archiving

Archiving Passwords Retail Education

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Report: Threat of Emotet and Ryuk appeared first on Security Affairs.

Ransomware

Ransomware Retail Phishing Encryption

Key Ring digital wallet exposes data of 14 Million users in data leak

Security Affairs

APRIL 6, 2020

The images include scans of government-issued IDs, retail club membership and loyalty cards, NRA membership cards, gift cards, credit cards with all details exposed (including CVV), medical insurance cards, medical marijuana ID cards, and more. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Retail

Retail Encryption Insurance Passwords

Freedom Mobile data breach impacts at least 15,000 customers

Security Affairs

MAY 9, 2019

Security researchers at vpnMentor discovered an unprotected database containing information belonging to Freedom Mobile customers. The database was secured on April 23. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Freedom Mobile is the fourth largest mobile network operator in Canada.

Data breaches

Data breaches Retail Encryption Communications

Security Affairs newsletter Round 245

Security Affairs

DECEMBER 22, 2019

The best news of the week with Security Affairs. Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs. Negative opinion of Italy security committee Copasir on Huawei, ZTE 5G solutions. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Security

Security Ransomware Passwords Data breaches

Australia banned Huawei from 5G network due to security concerns

Security Affairs

AUGUST 25, 2018

Chinese-owned telecommunications firm Huawei has been banned from Australia’s 5G network due to security concerns. Has safely & securely delivered wireless technology in Aust for close to 15 yrs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Huawei is a world leader in 5G.

Security

Security Military Manufacturing Retail

Russian TA505 threat actor target financial entities worldwide

Security Affairs

APRIL 18, 2019

Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. “CyberInt researchers have been tracking various activities following the spear-phishing campaign targeting large US-based retailers detected in December 2018.” Pierluigi Paganini.

Retail

Retail Phishing Ransomware Access

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

FEBRUARY 11, 2020

A security expert discovered that the Cosmetic firm Estée L auder exposed 440 million records online in a database that was left unsecured. The security expert Jeremiah Fowler discovered an unsecured database belonging to the Cosmetic firm Estée L auder that contained 440,336,852 records. Pierluigi Paganini.

Archiving

Archiving Retail Manufacturing Passwords

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

In 2015, the company controlled 55% of the U.S. VF immediately began taking measures to remediate the attack and launched an investigation into the security breach. ” reads a Form 8-K filed with the Securities and Exchange Commission (SEC) on January 18, 2024. million customers. million individual consumers.”

Data breaches

Data breaches Passwords Retail Insurance

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. We strongly recommend patching.

Authentication

Authentication Retail Passwords Security

Security Affairs newsletter Round 181 – News of the week

Security Affairs

SEPTEMBER 23, 2018

The best news of the week with Security Affairs. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Newsletter ). A new round of the weekly SecurityAffairs newsletter arrived! Paper Copy.

Security

Security Computer and Electronics Mining Data breaches

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Security Affairs

MARCH 30, 2020

One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Prevent zero-day attacks with a holistic, end to end cyber architecture. Pierluigi Paganini.

Communications

Communications Retail Authentication Government

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Security Affairs

SEPTEMBER 22, 2018

Scan4you service allows its customers to develop malicious codes that were used to steal millions of payment cards from retail stores across the world, it has been estimated that overall losses account for $20.5 ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. billion. . Pierluigi Paganini.

Retail

Retail IT Security

Ritz hotel diners were victims of a sophisticated scam

Security Affairs

AUGUST 16, 2020

To cash out the payment card data obtained, the scammers attempted to make purchases at the catalogue retailer Argos. The scammers told the client of the hotel that her payment card had been declined, and asked her for a second bank card, then they tried to make several transactions in excess of £1,000 at the catalogue retailer Argos.

Data breaches

Data breaches Retail Security IT

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Hidden Cobra, FastCash ).

Retail

Retail Libraries Government Phishing

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Security Affairs

SEPTEMBER 4, 2021

As a California-based provider of POS technology for the retail and hospitality sector, a successful infection would allow the group to obtain payment card data and later sell the information on online marketplaces.” “The specified targeting of the Clearmind domain fits well with FIN7’s preferred modus operandi.

Retail

Retail Sales Phishing IT

Leicester City Football Club disclosed a card breach

Security Affairs

JUNE 2, 2019

“Upon discovery of the breach, the security of our retail platform was immediately restored and appropriate measures were taken to ensure the security of all other online assets.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the statement issued by the company.

Retail

Retail Cybersecurity Security IT

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware IT Retail Manufacturing

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. It is the largest office furniture manufacturer in the world.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Security Affairs

JANUARY 9, 2019

Early 2014, the high-end retailer confirmed a data breach, the incident happened a few weeks after the clamorous data breach at US giant retailer Target. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – settlement, cybercrime ). billion in the Q4 2013. Pierluigi Paganini.

Data breaches

Data breaches Retail Personal data Sales

Breach at Dickey’s BBQ Smokes 3M Cards

Krebs on Security

OCTOBER 15, 2020

Today, the company shared a statement saying it was aware of a possible payment card security incident at some of its eateries: “We received a report indicating that a payment card security incident may have occurred. KrebsOnSecurity first contacted Dallas-based Dickey’s on Oct.

Sales

Sales Data breaches Retail Ransomware

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. In June, security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware.

Ransomware

Ransomware Retail Manufacturing Encryption

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Next, was Retail and Financing, as the most sectors affected in this season. Phishing and Malware Q2 2020. Threats by Sector.

Phishing

Phishing Data collection Retail Security awareness

Hacker who reported a flaw in Hungarian Magyar Telekom faces up to 8-years in jail

Security Affairs

FEBRUARY 3, 2019

According to the local media, in April 2018 the hacker found a serious security vulnerability in the website of the telco company, he exploited the issue to penetrate the telecommunications network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Now the hacker is facing up to 8 years in prison.

Retail

Retail Risk Access Security

FBI warns US organizations of ProLock ransomware decryptor not working

Security Affairs

MAY 18, 2020

issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. The PwndLocker ransomware first appeared in the threat landscape by security researchers in late 2019, operators’ demands have ranged from $175,000 to more than $660,000 worth of Bitcoin.

Ransomware

Ransomware Retail Access Security

Threat Report Portugal Q1 2020

Security Affairs

APRIL 20, 2020

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Next, was Financing due to the Lampion Trojan and Retail, as the most sectors affected in this season. Phishing and Malware Q1 2020.

Phishing

Phishing Retail Security awareness Data collection

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Access

Access Financial Services Retail Insurance

Wawa card breach: 30 million card records for sale in the dark web

Security Affairs

JANUARY 29, 2020

In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this breach is potentially one of the biggest card incidents in 2019. ” concludes Gemini. Pierluigi Paganini.

Sales

Sales Data breaches Retail Security

Magecart cybercrime group stole customers’ credit cards from Newegg electronics retailer

Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs

Webinars

Trending Sources

Staples discloses data breach exposing customer order data

Webinars

Nedbank client data compromised in security breach at third-party provider

Bodybuilding.com forces password reset after a security breach

Hackers hit Luxottica, production stopped at two Italian plants

Experts report a rampant growth in the number of malicious, lookalike domains

MyPillow and Amerisleep are the latest victims of Magecart gangs

Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Crooks claim to have stolen 20k customer records from Superdrug cosmetics retailer

US-based children’s clothing maker Hanna Andersson discloses a data breach

Hackers stole credit card data from JM Bullion online bullion dealer

SHEIN Data breach affected 6.42 million users

Toymaker giant Mattel disclosed a ransomware attack

Croatia’s largest petrol station chain INA group hit by ransomware attack

North Korean Lazarus APT stole credit card data from US and EU stores

Decathlon Spain data leak exposed Spanish employees’ data & more

Report: Threat of Emotet and Ryuk

Key Ring digital wallet exposes data of 14 Million users in data leak

Freedom Mobile data breach impacts at least 15,000 customers

Security Affairs newsletter Round 245

Australia banned Huawei from 5G network due to security concerns

Russian TA505 threat actor target financial entities worldwide

440M records found online in unprotected database belonging to Estée Lauder

VF Corp December data breach impacts 35 million customers

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs newsletter Round 181 – News of the week

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Ritz hotel diners were victims of a sophisticated scam

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

Leicester City Football Club disclosed a card breach

Nefilim ransomware gang published Luxottica data on its leak site

Steelcase office furniture giant hit by Ryuk ransomware attack

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Breach at Dickey’s BBQ Smokes 3M Cards

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Threat Report Portugal: Q2 2020

Hacker who reported a flaw in Hungarian Magyar Telekom faces up to 8-years in jail

FBI warns US organizations of ProLock ransomware decryptor not working

Threat Report Portugal Q1 2020

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Wawa card breach: 30 million card records for sale in the dark web

Stay Connected