• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 26th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Hacking News

Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web

April 2nd, 2018 Carolina Hacking News 0 comments
Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web
Share on FacebookShare on Twitter

Apparently, FIN7 hackers are behind the breach – The same group was behind targeting Trump Hotels. 

The Hudson’s Bay owned Lord & Taylor and Saks Fifth Avenue department stores have suffered a massive data breach in which 5 million payment cards data of its customers have been stolen and available on the dark web for sale.

FIN7 hacks The Hudson’s Bay’s subsidiaries

The data breach was identified by Gemini Advisory, a threat analysis, and dark web research company. According to their findings, the hackers behind this breach belong to JokerStash hacking syndicate also known as Fin7 known for carrying out sophisticated phishing scams.

The researchers who saw the data being sold on dark web noted that it contains payment card data from May 2017 to present. There is, however, no indication that driver’s license numbers, Social Security or Social Insurance numbers or PINs have been affected by this issue.

“Based on the analysis of records that are currently available, it appears that all Lord & Taylor and 83 US-based Saks Fifth Avenue locations have been compromised. In addition, we identified three potentially compromised stores located in Ontario, Canada. However, the majority of stolen credit cards were obtained from New York and New Jersey locations.”

FIN7 hackers are calling it BIGBADABOOM – 2 in which (125,000 Saks Fifth Avenue and 90,000 records for Lord & Taylor) stolen records are being sold and it is a matter of time before the whole cache will go up for sale. However, it is noteworthy that the same group has been behind other high-profile breaches including Trump Hotels, Omni Hotels, Whole Foods and Chipotle.

Lord & Taylor & Saks customers payment cards stolen, sold on Dark Web

Screenshot of the Dark Web marketplace where hackers are selling the stolen data (Gemini Advisory)

More: 3,000 Databases with 200 Million Unique accounts found on Dark Web

“This incident shows once again merchants still need to protect themselves against POS system infiltration attacks targeting cardholder data. A multi-layer security strategy is necessary. Retailers must start by segmenting their POS networks, using next-gen firewalls to block data exfiltration and implement constant monitoring and endpoint threat detection,” said Mark Cline, VP at Netsurion. “If nothing else, dwell time of such an attack would be reduced to hours or days. After all, the report is that this attack has persisted for almost a year, just as we have seen in previous massive card breaches.”

Your identity on Dark Web is worth a few dollars

It is not surprising that FIN7 hackers are selling the stolen The Hudson’s Bay data on Dark Web. Last week, a research revealed that hackers have access to a massive trove of user data although much of it is of little monetary value including Facebook accounts that are sold for only $5.20 while a Gmail ID is worth just $1.

However, for The Hudson’s Bay customer challenge is that once on the Internet it is always on the Internet. Therefore, the company has to be ready to deal with the difficulties coming its way. At the time of publishing this article, the company is investigating the issue and plan to offer free identity protection services, including credit and web monitoring.

Image credit: Depositphotos

More: Life is cheap! Well it is on Dark Web where your entire identity is for sale

  • Tags
  • credit card
  • Cyber Attack
  • Cyber Crime
  • dark web
  • FIN7
  • Fraud
  • hacking
  • internet
  • LEAKS
  • Phishing
  • Scam
  • security
Facebook Twitter LinkedIn Pinterest
Previous article US may screen social media of Immigrant & Non-Immigrant Visa Applicants
Next article Phishing scam: Italian football club tricked into sending out €2m to crooks
Carolina

Carolina

Carolina works for HackRead as a technical writer. She is a Brazilian traveller who has been to almost every country around the world. She has a keen interest in technology, gadgets and social media.

Related Posts
SonicWall hacked after 0-day flaws exploited by hackers

SonicWall hacked after 0-day flaws exploited by hackers

Massive privacy risk as hacker sold 2 million MyFreeCams user records

Massive privacy risk as hacker sold 2 million MyFreeCams user records

Malwarebytes says it was also breached by SolarWinds hackers

Malwarebytes says it was also breached by SolarWinds hackers

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
TikTok vulnerability allowed hackers to access users' phone numbers
Security

TikTok vulnerability allowed hackers to access users' phone numbers

40
Why you should never use free a VPN
Drones

Why you should never use free a VPN

27
Watch out as new Android malware spreads through WhatsApp
Security

Watch out as new Android malware spreads through WhatsApp

212

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us