• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • December 12th, 2019
  • Home
  • About Us
  • Team
  • Advertise
  • Submit News
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Youtube
Home » Hacking News » Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web

Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web

April 2nd, 2018 Carolina Hacking News 0 comments
Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web
Share on FacebookShare on Twitter

Apparently, FIN7 hackers are behind the breach – The same group was behind targeting Trump Hotels. 

The Hudson’s Bay owned Lord & Taylor and Saks Fifth Avenue department stores have suffered a massive data breach in which 5 million payment cards data of its customers have been stolen and available on the dark web for sale.

FIN7 hacks The Hudson’s Bay’s subsidiaries

The data breach was identified by Gemini Advisory, a threat analysis, and dark web research company. According to their findings, the hackers behind this breach belong to JokerStash hacking syndicate also known as Fin7 known for carrying out sophisticated phishing scams.

The researchers who saw the data being sold on dark web noted that it contains payment card data from May 2017 to present. There is, however, no indication that driver’s license numbers, Social Security or Social Insurance numbers or PINs have been affected by this issue.

“Based on the analysis of records that are currently available, it appears that all Lord & Taylor and 83 US-based Saks Fifth Avenue locations have been compromised. In addition, we identified three potentially compromised stores located in Ontario, Canada. However, the majority of stolen credit cards were obtained from New York and New Jersey locations.”

FIN7 hackers are calling it BIGBADABOOM – 2 in which (125,000 Saks Fifth Avenue and 90,000 records for Lord & Taylor) stolen records are being sold and it is a matter of time before the whole cache will go up for sale. However, it is noteworthy that the same group has been behind other high-profile breaches including Trump Hotels, Omni Hotels, Whole Foods and Chipotle.

Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web

Screenshot of the Dark Web marketplace where hackers are selling the stolen data (Gemini Advisory)

More: 3,000 Databases with 200 Million Unique accounts found on Dark Web

“This incident shows once again merchants still need to protect themselves against POS system infiltration attacks targeting cardholder data. A multi-layer security strategy is necessary. Retailers must start by segmenting their POS networks, using next-gen firewalls to block data exfiltration and implement constant monitoring and endpoint threat detection,” said Mark Cline, VP at Netsurion. “If nothing else, dwell time of such an attack would be reduced to hours or days. After all, the report is that this attack has persisted for almost a year, just as we have seen in previous massive card breaches.”

Your identity on Dark Web is worth a few dollars

It is not surprising that FIN7 hackers are selling the stolen The Hudson’s Bay data on Dark Web. Last week, a research revealed that hackers have access to a massive trove of user data although much of it is of little monetary value including Facebook accounts that are sold for only $5.20 while a Gmail ID is worth just $1.

However, for The Hudson’s Bay customer challenge is that once on the Internet it is always on the Internet. Therefore, the company has to be ready to deal with the difficulties coming its way. At the time of publishing this article, the company is investigating the issue and plan to offer free identity protection services, including credit and web monitoring.

Image credit: Depositphotos

More: Life is cheap! Well it is on Dark Web where your entire identity is for sale

  • Tags
  • credit card
  • Cyber Attack
  • Cyber Crime
  • dark web
  • FIN7
  • Fraud
  • hacking
  • internet
  • LEAKS
  • Phishing
  • Scam
  • security
Facebook Twitter Google+ LinkedIn Pinterest
Previous article US may screen social media of Immigrant & Non-Immigrant Visa Applicants
Next article Phishing scam: Italian football club tricked into sending out €2m to crooks
Carolina

Carolina

Carolina works for HackRead as a technical writer. She is a Brazilian traveller who has been to almost every country around the world. She has a keen interest in technology, gadgets and social media.

Related Posts
Private details of Palo Alto Networks employees leaked online

Private details of Palo Alto Networks employees leaked online

UPbit cryptocurrency exchange hacked; Ether worth $50 million stolen

UPbit cryptocurrency exchange hacked; Ether worth $50 million stolen

Hacker Releases 2TB of Data from Cayman National Bank

Hacker Releases 2TB of Data from Cayman National Bank

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

LATEST POSTS
Plundervolt: A new attack on Intel processors threatening SGX data
Security

Plundervolt: A new attack on Intel processors threatening SGX data

30
2.7 billion email addresses & plain-text passwords exposed online
Leaks

2.7 billion email addresses & plain-text passwords exposed online

1112
Cyber attack cripples networks in city of Pensacola days after shooting
Cyber Attacks

Cyber attack cripples networks in city of Pensacola days after shooting

662
20 years prison for Romanian hackers who infected 400,000 computers
Cyber Crime

20 years prison for Romanian hackers who infected 400,000 computers

752

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us