2023, Retail and Security - Information Management Today

Fashion retailer Forever 21 data breach impacted +500,000 individuals

Security Affairs

AUGUST 31, 2023

Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cyber incident that impacted a limited number of systems. The retailer also notified law enforcement.

Retail

Retail Data breaches Personal data Ransomware

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. of attacks in 2023), while summer was the most active for ransomware attacks (30.4%). The top 10 groups, based on the number of victims, collectively account for 59% of the total victims in 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. Coop is one of the largest retail and grocery providers in Sweden, with approximately 800 stores across the country. The stores are co-owned by 3.5 million members in 29 consumer associations.

Retail

Retail Ransomware Encryption Access

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Communications Passwords

Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

Security Affairs

JANUARY 15, 2023

The Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed Magecart attack. Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed a Magecart attack on January 10, 2023. — LCBO (@LCBO) January 10, 2023.

Retail

Retail Sales Passwords Cybersecurity

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence

Artificial Intelligence Security Data breaches Ransomware

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Being Used to Phish So Many of Us?

Security

Security Ransomware Data breaches IoT

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. With retail sales during 2024 set to grow to between $5.23 trillion and $5.28 trillion and $5.28

Retail

Retail Risk Data breaches Sales

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches

Data breaches Retail Education Ransomware

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. Most of the victims are in the manufacturing, engineering and construction, and retail sectors. ” reads the CSA. in Germany, and 5.9%

Ransomware

Ransomware Blockchain Retail Insurance

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

Security Affairs

APRIL 16, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Every week the best security articles from Security Affairs are free for you in your email box. The post Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Data breaches

Data breaches Security Libraries Retail

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

In December 2023, VF Corp announced it was the victim of a ransomware attack and was forced to take some systems down to contain the threat. On December 13, 2023, VF Corp detected unauthorized access to a portion of its infrastructure. The incident interrupted retail store inventory replenishment and delayed order fulfillment.

Data breaches

Data breaches Passwords Retail Insurance

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

Impacted customers include Sweden’s largest cinema chain Filmstaden (the attack disrupted its online ticket system) and the discount retail chain Rusta. ” BleepingComputer first reported that the security breach was the result of an Akira ransomware attack. Tietoevry notified law enforcement and impacted customers.

Ransomware

Ransomware Government Retail Cloud

News Alert: Reflectiz declares war on Magecart web-skimming attacks as holidays approach

The Last Watchdog

SEPTEMBER 5, 2023

5, 2023 — Reflectiz , a cybersecurity company specializing in continuous web threat management offers an exclusive, fully remote solution to battle Magecart web-skimming attacks, a popular type of cyberattacks involving injecting malicious code into the checkout pages. Tel Aviv, Israel, Sept.

Retail

Retail Communications Marketing Cybersecurity

ICICI Bank exposed credit card data of 17000 customers

Security Affairs

APRIL 28, 2024

It offers a wide range of banking and financial services for corporate and retail customers. In April 2023, researchers at Cybernews reported that ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. of the bank’s credit card portfolio.

Financial Services

Financial Services Retail IT Information Security

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

The company is working to restore the impacted systems and is investigating the incident with the help of leading cybersecurity firms, The Cactus ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Ransomware

Ransomware Data breaches Digital transformation Encryption

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

FEBRUARY 19, 2024

link] pic.twitter.com/z91nfnGYAQ — Dominic Alvieri (@AlvieriD) February 19, 2024 The Cactus ransomware operation has been active since March 2023, Kroll researchers reported that the ransomware strain is notable for the use of encryption to protect the ransomware binary. Cactus Ransomware has just posted Schneider Electric.

Ransomware

Ransomware Digital transformation Encryption Retail

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

It has been used to attack more than 329 organizations globally and has grown to become the fourth-most active strain of ransomware by number of victims in 2022-2023.” ” Most of the victims are in the manufacturing, engineering and construction, and retail sectors. ” reads the Elliptic’s report.

Ransomware

Ransomware Blockchain Retail Insurance

Energy company Suncor suffered a cyber attack and its company Petro-Canada gas reported problems at its gas stations in Canada

Security Affairs

JUNE 26, 2023

It owns the Petro-Canada retail and wholesale distribution networks. “Suncor (TSX: SU) (NYSE: SU) has experienced a cyber security incident. A cyber attack against Suncor Energy made the headlines because Petro-Canada gas stations across Canada have been reportedly impacted by technical problems. Thanks for your patience!

IT

IT Retail Security Information Security

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

According to the company, they have over 600,000 Cameras and 50,000 Recorders installed all over the world in multiple sectors such as Banking, Retail, Government, etc. At this time, the vendor has yet to release security patches to address the flaw. ” reads the advisory published by Fortinet. . in MVPower CCTV DVR models.

Authentication

Authentication Retail Education Marketing

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Security Affairs

JUNE 9, 2023

Kroll security experts discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. The experts speculate the Clop group potentially had an exploit for the MOVEit Transfer vulnerability prior to the GoAnywhere MFT secure file transfer tool exploitation that took place in February 2023.

Ransomware

Ransomware Retail Access Personal data

UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

Security Affairs

JUNE 13, 2023

The threat actors exploited the zero-day flaw ( CVE-2023-34362 ,) in MOVEit file transfer and access the infrastructure of the regulator. We took immediate action to prevent further use of the MOVEit service and to implement the recommended security measures.

Communications

Communications Data breaches Ransomware Personal data

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. The investigation into the security breach is still ongoing. “We Luxottica Group S.p.A.

Data breaches

Data breaches Retail Ransomware Sales

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

.” The written notice goes on to say UPS believes the data exposure “affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023.” “It seems likely to me that UPS is leaking information somehow about upcoming deliveries.” info , legodelivery[.]info

Phishing

Phishing Retail IT Communications

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Security Affairs

JUNE 7, 2023

MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and HTTP-based uploads. One of Zellis’s customers, the British health and beauty retailer and pharmacy chain Boots also confirmed to have been impacted by the attack. ” reads the message published by the gang.

Ransomware

Ransomware Retail Personal data Access

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

Thales Cloud Protection & Licensing

NOVEMBER 5, 2024

Holiday Shopping Readiness: How is Retail Data Security Holding Up? Retailers have been prepping for this season all year and are ready to provide a safe, secure, and seamless customer shopping experience. According to the National Retail Federation (NFR), retail sales during 2024 will grow between 2.5%

Retail

Retail Security Data breaches Compliance

Oil and gas giant Shell is another victim of Clop ransomware attacks

Security Affairs

JUNE 16, 2023

Oil and Gas giant Shell has confirmed that it is one of the victims of the recent large-scale ransomware campaign conducted by the Clop gang exploiting a MOVEit zero-day vulnerability Threat actors are actively exploiting the zero-day vulnerability, tracked as CVE-2023-34362 , to steal data from organizations worldwide.

Ransomware

Ransomware Data breaches Retail Government

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

On this page, you will find all our usual information breaking down the month’s security incidents. Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. With that out of the way, it’s time to move on to May 2023.

Data breaches

Data breaches Insurance Personal data Ransomware

Solid Data Security: The Foundation of a Safe Digital World

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

Solid Data Security: The Foundation of a Safe Digital World madhav Thu, 10/17/2024 - 04:58 It’s that time of year again. This year’s theme, “Secure Our World,” encourages people to safeguard the digital assets that are instrumental to their personal and professional lives. Oh, and it’s Cybersecurity Awareness Month. The result?

Security

Security Encryption Data breaches Cybersecurity

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

The security researcher Bob Diachenko of SecurityDiscovery first identified the exposed information in mid-September. We’ve also found 9 organisations providing a significant update on a previously disclosed incident. Organisation name Sector Location Data exfiltrated?

Data Privacy

Data Privacy Privacy Manufacturing Security

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. ” reads the report published by Elastic Security Labs.

Retail

Retail Access Security Education

Security AI and automation are key in protecting against costly data breaches for retailers and consumer goods businesses

IBM Big Data Hub

OCTOBER 3, 2023

The rise of online commerce over the last two decades has completely transformed the retail and consumer goods industries—and with smartphone adoption accelerating globally, the share of shopping done via the internet will only continue to expand. For retail, the average data breach studied cost $2.96

Retail

Retail Data breaches Security Manufacturing

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

.” Colorado resident Emily “Em” Hernandez allegedly helped the group gain access to victim devices in service of SIM-swapping attacks between March 2021 and April 2023. 11, 2022 after they SIM-swapped an AT&T customer by impersonating them at a retail store using a fake ID. Indiana resident Carter Rohn , a.k.a.

Blockchain

Blockchain Ransomware Retail Analytics

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity sparsh Tue, 11/21/2023 - 05:01 As global consumers gear up for the much-anticipated shopping bonanza that is Black Friday and Cyber Weekend, retailers brace themselves for the frenzied onslaught of shoppers and the deluge of cyber threats lurking in the shadows.

Retail

Retail Cybersecurity Financial Services Encryption

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipate emerging threats, and manage security awareness in a better way. Next, Retail and Health, as the most sectors affected in this season.

Phishing

Phishing Data collection Retail Security awareness

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Source (New) Retail USA Yes 2,469 Three GreatStar Industrial Co. Source (New) Manufacturing Japan Yes Unknown Midland Industries Source (New) Retail USA Yes Unknown Rosen’s Diversified, Inc.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

2022 Retail Industry Year in Review

Hunton Privacy

JANUARY 27, 2023

On January 25, 2023, Hunton Andrews Kurth’s retail industry team released its annual Retail Industry in Review publication, which provides an overview of key issues and trends that impacted the retail sector in the past year, as well as a preview of relevant legal issues retailers can expect to arise in 2023.

Retail

Retail Insurance Cybersecurity Privacy

51 Must-Know Phishing Statistics for 2023

IT Governance

JUNE 8, 2023

We’ve looked at sources such as IBM’s Cost of a Data Breach Report , Verizon’s 2023 DBIR (Data Breaches and Investigations Report) and Proofpoint’s The State of Phishing report , and found 50 essential stats to reveal the threat that phishing plays – plus we have an extra statistic to explain how you can prevent attacks. com’ websites.

Phishing

Phishing Data breaches Government Communications

Who Stole 3.6M Tax Records from South Carolina?

Krebs on Security

APRIL 16, 2024

The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed. “At the time, it was one of the largest breaches in U.S.

Sales

Sales Retail Insurance IT

Connected Customer 360 Profiles for Retail & Luxury Brands

Reltio

JUNE 22, 2020

3 Things Data Innovators at Retail & Luxury Brands Have in Common. Retail and luxury brand leaders may use different terms to describe customers, including “clients” or “guests.” According to Accenture , 71% of retail executives believe digital demographics are expanding the number of ways they deliver products and services.

Retail

Retail MDM Customer Experience Analytics

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

retailers, including Saks Fifth Avenue, Lord and Taylor , Bebe Stores , Hilton Hotels , Jason’s Deli , Whole Foods , Chipotle , Wawa , Sonic Drive-In , the Hy-Vee supermarket chain , Buca Di Beppo , and Dickey’s BBQ. Alex Holden is founder of the Milwaukee-based cybersecurity firm Hold Security.

Ransomware

Ransomware Retail Government Sales

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices. Recently, Faceless has shown ambitions beyond just selling access to poorly-secured IoT devices.

Passwords

Passwords IoT Sales Retail

Fashion retailer Forever 21 data breach impacted +500,000 individuals

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Webinars

Trending Sources

Ransomware attacks break records in 2023: the number of victims rose by 128%

Webinars

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Volvo retailer leaks sensitive files

Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

VF Corp December data breach impacts 35 million customers

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

News Alert: Reflectiz declares war on Magecart web-skimming attacks as holidays approach

ICICI Bank exposed credit card data of 17000 customers

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Cactus ransomware gang claims the Schneider Electric hack

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Energy company Suncor suffered a cyber attack and its company Petro-Canada gas reported problems at its gas stations in Canada

Fortinet warns of a spike in attacks against TBK DVR devices

Clop ransomware gang was testing MOVEit Transfer bug since 2021

UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

2021 data breach exposed data of 70 Million Luxottica customers

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

Oil and gas giant Shell is another victim of Clop ransomware attacks

List of Data Breaches and Cyber Attacks in 2023

Solid Data Security: The Foundation of a Safe Digital World

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

New Lobshot hVNC malware spreads via Google ads

Security AI and automation are key in protecting against costly data breaches for retailers and consumer goods businesses

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Threat Report Portugal: Q3 & Q4 2022

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

2022 Retail Industry Year in Review

51 Must-Know Phishing Statistics for 2023

Who Stole 3.6M Tax Records from South Carolina?

Connected Customer 360 Profiles for Retail & Luxury Brands

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Giving a Face to the Malware Proxy Service ‘Faceless’

Stay Connected