2017, Data, Information Security and Retail - Information Management Today

Fashion retailer Forever 21 data breach impacted +500,000 individuals

Security Affairs

AUGUST 31, 2023

Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cyber incident that impacted a limited number of systems. The retailer also notified law enforcement.

Retail

Retail Data breaches Personal data Ransomware

How data breaches are affecting the retail industry

IT Governance

AUGUST 21, 2018

Data breaches. What steps will the ICO (Information Commissioner’s Office) take to ensure organisations comply with the recently enforced GDPR (General Data Protection Regulation)? Customers of the Adidas.com website may have been affected by a breach after an unauthorised party gained access to customer data.

Retail

Retail Data breaches GDPR Compliance

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report. ” reads the report.

Retail

Retail Data breaches Sales Passwords

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

List of data breaches and cyber attacks in November 2017 – 59 million records leaked

IT Governance

NOVEMBER 29, 2017

What’s certainly not a good sign, however, is the number of data breaches caused by organisations’ own employees. Basic information security practices – and I really do mean basic – are ignored over and over again, and for what? Cash Converters hacked; customer data held for ransom. Data breach.

Data breaches

Data breaches Retail Privacy Phishing

The California Consumer Privacy Act Surfaces in Recent Data Breach Class Action Complaint

Hunton Privacy

FEBRUARY 7, 2020

Assuming the plaintiff does so, she might face retroactivity hurdles, given the data breach allegedly “occurred from September 16, 2019 to November 11, 2019,” and the CCPA is not expressly retroactive. Int’l , 2017 WL 6543822, at *7 (C.D. Hanna Andersson, LLC, et al., 3:20-cv-00812. Weinberg v. Valeant Pharm.

Data breaches

Data breaches Privacy Retail Security

UK ICO Issues Unprecedented Fine Against Mobile Phone Retailer for Lax Security

Hunton Privacy

JANUARY 12, 2018

On January 8, 2017, the UK Information Commissioner (“ICO”) issued an unprecedented monetary penalty of £400,000 against British mobile phone retailer, The Car Phone Warehouse Limited. In its decision, the ICO meticulously detailed the chronology of events and technical failures that led to the breach.

Retail

Retail Personal data Security GDPR

Facing Privacy Suits About Facial Recognition: BIPA Cases Move Forward as More States Consider Passing Biometric Data Laws

Hunton Privacy

OCTOBER 4, 2017

Recent judicial interpretations of the Illinois Biometric Information Privacy Act (“BIPA”), 740 ILCS 14, present potential litigation risks for retailers who employ biometric-capture technology, such as facial recognition, retina scan or fingerprint software. 1493, 2017 Sess. 16 C 10984, 2017 WL 4099846 (N.D.

Privacy

Privacy Retail Marketing Risk

Neiman Marcus Agrees to Settlement in Data Breach Class Action

Hunton Privacy

MARCH 21, 2017

On March 17, 2017, retailer Neiman Marcus agreed to pay $1.6 million as part of a proposed settlement (the “Settlement”) to a consumer class action lawsuit stemming from a 2013 data breach that allegedly compromised the credit card data of approximately 350,000 customers.

Data breaches

Data breaches Retail Information Security Education

3 ways a data breach can occur

IT Governance

OCTOBER 9, 2018

We’ve talked a lot recently about the financial effects of data breaches and how you should respond to incidents , but that still leaves the question of how data breaches occur. This blog looks at some real-world examples of some of the most common causes of data breaches and explains how they occurred. Recent malware attacks.

Data breaches

Data breaches Ransomware Phishing Retail

Heathrow Airport fined £120,000 for data breach

IT Governance

OCTOBER 9, 2018

The ICO (Information Commissioner’s Office) has fined Heathrow Airport £120,000 for failing to secure sensitive personal data after a member of public found an unencrypted USB stick containing data about the airport’s staff. How did the data breach occur? However, the ICO hasn’t confirmed this.

Data breaches

Data breaches Personal data Libraries Information Security

Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API

Security Affairs

JUNE 18, 2019

Public data includes names, dates, pictures and messages sent, Hang Do Thi Duc was able to track a profile for some of them, such as two users identified with the monikers ‘The Cannabis Retailer’ and the ‘The cord dealer.’ 943 transactions in 2017.” this public URL. ” wrote Salmon.

Retail

Retail Privacy Access Security

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

AUGUST 21, 2019

As people have growing opportunities to shop online, the chances for hackers to carry out lucrative cyberattacks in the retail sector also go up. Statistics from 2016 showed that the average cost per compromised retail record was $172. People are becoming less tolerant of retailers that have widescale data breaches.

Cybersecurity

Cybersecurity Retail Manufacturing Data breaches

SEC Office of Compliance Inspections and Examinations Publishes 2018 Exam Priorities

Data Matters

FEBRUARY 13, 2018

Securities and Exchange Commission (the Commission) released its annual National Exam Program Examination Priorities (Exam Priorities). 1 As has been widely reported, the Exam Priorities’ general focus areas include: retail investors. 1 As has been widely reported, the Exam Priorities’ general focus areas include: retail investors.

Compliance

Compliance Retail Cybersecurity Risk

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. Banca Sella UniCredit Group. ” concludes the report.

Retail

Retail Phishing Cybersecurity Risk

Hundreds of C-level executives credentials available for $100 to $1500 per account

Security Affairs

NOVEMBER 28, 2020

ZDnet confirmed the authenticity for some of the data available for sale. Experts from threat intelligence firm KELA , speculate the threat actor could have obtained the credentials buying “Azor logs,” which are lots of data stolen from computers infected with the AzorUlt info-stealer trojan. ” reported ZDNet.

Sales

Sales Access Retail Data collection

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Take the mega breach at Equifax last year that exposed the personal and financial data on 148 million people.

Security

Security Marketing Cybersecurity Data breaches

Americans lost $770 million from social media fraud in 2021, FTC reports

Security Affairs

JANUARY 30, 2022

These data are the result of the increased exposure of netizens through social media. The US agency received over 95,000 reports from US consumers victims of social media frauds, this marks an 18-fold increase over 2017 reported losses and more than double compared to 2020.

Retail

Retail Marketing Privacy IT

SEC Announces Examination Priorities for 2019

Data Matters

JANUARY 16, 2019

In fiscal year (FY) 2018, the OCIE National Exam Program examined approximately 17 percent of SEC-registered advisers (RIAs), up from 15 percent during FY 2017 and 11 percent during FY 2016. Exams are Risk-Based and Data-Driven. Continued Focus on Retail Investors. Just five years ago, 9 percent of RIAs were examined.

Retail

Retail Compliance Risk Marketing

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

JANUARY 24, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Cybersecurity

Cybersecurity Retail Compliance Marketing

Hackers stole card details from BriansClub carding site

Security Affairs

OCTOBER 20, 2019

BriansClub, one of the biggest a dark web “carding store,” which specializes in the sale of stolen payment card data, has been hacked. . at ), one of the biggest black market sites, that specializes in the sale of stolen credit card data. million cards in 2017; and 9.2 Hackers have breached BriansClub ( BriansClub [. ]

Sales

Sales Retail Archiving Marketing

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Data Matters

FEBRUARY 20, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Protection of Retail Investors . Retail-Targeted Investments.

Retail

Retail Compliance Marketing Risk

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". He describes the events leading up to it in this 2017 podcast. The Heartbeat Problem. through 1.0.1f

Encryption

Encryption Retail Security Passwords

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". He describes the events leading up to it in this 2017 podcast. The Heartbeat Problem. through 1.0.1f

Encryption

Encryption Retail Security Passwords

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Compared to its predecessors, the sixth “Hi-Tech Crime Trends” report is the first to contain chapters devoted to the main industries attacked and covers the period from H2 2018 to H1 2019, as compared to the period from H2 2017 to H1 2018. Bank card compromise, carding, and data leaks. million to 43.8

IT

IT Military Cybersecurity Phishing

Lotsy group targets Italian and Spanish-speaking users

Security Affairs

AUGUST 2, 2019

After researching and blocking these resources, Group-IB’s team discovered several other fake websites illegally using famous international brands, including Conad (Italian retail store), Target (International retail stores), Carrefour (international chain of hypermarkets) and many others. How does this scheme work?

Retail

Retail Marketing Cybersecurity Phishing

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". He describes the events leading up to it in this 2017 podcast. The Heartbeat Problem. through 1.0.1f

Encryption

Encryption Retail Security Passwords

2019 end-of-year review part 2: July to December

IT Governance

DECEMBER 30, 2019

Welcome to the second part of our round-up of 2019’s information security stories. The second half of the year began with major data privacy news: the UK’s data protection authority, the ICO (Information Commissioner’s Office), announced its intention to fine British Airways and Marriott International a combined £282.6

Data breaches

Data breaches Personal data GDPR Ransomware

FTC Hosts Workshop on Informational Injury

Hunton Privacy

DECEMBER 15, 2017

On December 12, 2017, the Federal Trade Commission hosted a workshop on informational injury in Washington, D.C. Later in the afternoon, the discussion turned to business and consumer perspectives on the benefits, costs and risks of collecting and sharing data.

Privacy

Privacy Risk Retail Insurance

Don’t gift cyber attackers a free pass into your organisation this Christmas

IT Governance

DECEMBER 1, 2017

Retailers are the most affected , but lax security over Christmas is a problem for all organisations. If the account contains sensitive information, organisations should consider using multi-factor or hardware-based tokens in place of system-level passwords. Employees are often directly responsible for data breaches.

Passwords

Passwords Phishing Data breaches Retail

What can banks do to address mounting cyber security challenges?

IT Governance

MARCH 27, 2019

Things are particularly bad among investment banks, which saw a tenfold increase year-on-year (from 3 to 34), and retail banks (from 1 to 25). You might remember that in April 2017, seven British banks, including Santander, Royal Bank of Scotland and Barclays, were forced offline following a series of attacks. More threat actors’.

Security

Security Retail Data breaches Government

How to compete in the cybersecurity talent tug of war

CGI

OCTOBER 24, 2017

Tue, 10/24/2017 - 07:00. Across business and technology media alike, I’ve seen frequent coverage of the hundreds of thousands of cybersecurity and IT security job openings that are not getting filled. Maturing an organization to utilize more low-level automation tools can help reduce some requirements for security-related FTEs.

Cybersecurity

Cybersecurity Retail Marketing Government

FINRA Issues Its 2019 Risk Monitoring and Examination Priorities Letter

Data Matters

JANUARY 29, 2019

FINRA will assess firms’ compliance with the Financial Crimes Enforcement Network’s newly enhanced customer due diligence rule, focusing on the data integrity of suspicious activity monitoring systems as well as the decisions associated with changes to those systems. Customer Due Diligence and Suspicious Activity Reviews. Market Risks.

Risk

Risk IT Compliance Marketing

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. When I was working for a retail company I thought it was fantastic. Welcome to the Hacker Mind, an original podcast from ForAllSecure.

IT

IT Manufacturing Government Paper

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. When I was working for a retail company I thought it was fantastic. Welcome to the Hacker Mind, an original podcast from ForAllSecure.

IT

IT Manufacturing Government Paper

Information Management Today

Fashion retailer Forever 21 data breach impacted +500,000 individuals

How data breaches are affecting the retail industry

Webinars

Trending Sources

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Webinars

List of data breaches and cyber attacks in November 2017 – 59 million records leaked

The California Consumer Privacy Act Surfaces in Recent Data Breach Class Action Complaint

UK ICO Issues Unprecedented Fine Against Mobile Phone Retailer for Lax Security

Facing Privacy Suits About Facial Recognition: BIPA Cases Move Forward as More States Consider Passing Biometric Data Laws

Neiman Marcus Agrees to Settlement in Data Breach Class Action

3 ways a data breach can occur

Heathrow Airport fined £120,000 for data breach

Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

SEC Office of Compliance Inspections and Examinations Publishes 2018 Exam Priorities

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Hundreds of C-level executives credentials available for $100 to $1500 per account

A Chief Security Concern for Executive Teams

Americans lost $770 million from social media fraud in 2021, FTC reports

SEC Announces Examination Priorities for 2019

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Hackers stole card details from BriansClub carding site

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

The Fuzzing Files: The Anatomy of a Heartbleed

The Fuzzing Files: The Anatomy of a Heartbleed

Group-IB presents its annual report on global threats to stability in cyberspace

Lotsy group targets Italian and Spanish-speaking users

The Fuzzing Files: The Anatomy of a Heartbleed

2019 end-of-year review part 2: July to December

FTC Hosts Workshop on Informational Injury

Don’t gift cyber attackers a free pass into your organisation this Christmas

What can banks do to address mounting cyber security challenges?

How to compete in the cybersecurity talent tug of war

FINRA Issues Its 2019 Risk Monitoring and Examination Priorities Letter

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

Stay Connected