×
71 796
Fashion Jobs
NORDSTROM
Asset Protection Agent - Cherry Hill
Permanent · Cherry Hill
NORDSTROM
Asset Protection Agent - Tysons Corner
Permanent · McLean
NORDSTROM
Asset Protection - Agent - Town Center at Boca Raton
Permanent · Boca Raton
NORDSTROM
Retail Stock - Tempe Marketplace Rack
Permanent · Tempe
NORDSTROM
Operations Manager_ Returns_ Sat-Mon 6am-6pm - Elizabethtown, PA
Permanent · Elizabethtown
NORDSTROM
Retail Stock - Winrock Town Center Rack
Permanent · Albuquerque
NORDSTROM
Retail Stock & Fulfillment - Houston Galleria
Permanent · Houston
NORDSTROM
Retail Stock - Christiana Fashion Center Rack
Permanent · Newark
GAP
Assistant Manager, Talent Operations - San Marcos Premium
Permanent · San Marcos
MACY'S
Asset Protection Detective, Menlo Park - Full Time
Permanent · Edison
MACY'S
Manager, Merchandise Execution
Permanent · East Wenatchee
JCPENNEY CAREERS 2018
Product Manager - Customer Service Application & Associate Fulfillment Tools
Permanent · Plano
ROSS STORES
IT Manager i (Supply Chain)
Permanent · Shafter
ROSS STORES
IT Manager i (Supply Chain)
Permanent · Brookshire
ROSS STORES
Purchasing Supervisor
Permanent · Dublin
ROSS STORES
Store Protection Specialist
Permanent · Holmes
ROSS STORES
Store Protection Specialist
Permanent · Medford
ROSS STORES
District Manager
Permanent · Bakersfield
ULTA BEAUTY, INC.
Retail Operations Manager
Permanent · San Leandro
UNIQLO
Human Resources Coordinator - Emeryville, ca
Permanent · Emeryville
UNIQLO
Loss Prevention Supervisor- Westfield Valley Fair Mall
Permanent · Santa Clara
UNIQLO
Loss Prevention Agent (Full-Time) - Santa Monica Place
Permanent · Santa Monica
By
Reuters API
Published
Apr 2, 2018
Reading time
3 minutes
Share
Download
Download the article
Print
Click here to print
Text size
aA+ aA-

Saks, Lord & Taylor hit by payment card data breach

By
Reuters API
Published
Apr 2, 2018

Retailer Hudson’s Bay Co on Sunday disclosed that it was the victim of a security breach that compromised data on payment cards used at Saks and Lord & Taylor stores in North America.

Reuters


One cyber security firm said that it has evidence that millions of cards may have been compromised, which would make the breach one of the largest involving payment cards over the past year, but added that it was too soon to confirm whether that was the case.

Toronto-based Hudson’s Bay said in a statement that it had “taken steps to contain” the breach but did not say it had succeeded in confirming that its network was secure. It also did not say when the breach had begun or how many payment card numbers were taken.

“Once we have more clarity around the facts, we will notify our customers quickly and will offer those impacted free identity protection services, including credit and web monitoring,” the statement said.

A company spokeswoman declined to elaborate.

The breach comes as Hudson’s Bay struggles to improve its financial performance as a tough retail environment has weighed on sales and margins. Last June, it launched a transformation plan to cut costs and is working to monetise the value of its substantial real estate holdings.

Hudson’s Bay disclosed the incident after New York-based cyber security firm Gemini Advisory reported on its blog that Saks and Lord & Taylor had been hacked by a well-known criminal group known as JokerStash.

JokerStash, which sells stolen data on the criminal underground, on Wednesday said that it planned to release more than 5 million stolen credit cards, according to Gemini Chief Technology Officer Dmitry Chorine.

The hacking group has so far released about 125,000 payment cards, about 75 percent of which appear to have been taken from the Hudson’s Bay units, Chorine told Reuters by telephone.

The bulk of the 5 million card numbers that JokerStash said it plans to release are likely from Saks and Lord & Taylor, but it is too early to say for sure, Chorine said.

“It’s hard to assess at the moment, primarily because hackers have not released the entire cards in one batch,” he told Reuters.

Alex Holden, chief information security officer with cyber security firm Hold Security, confirmed that the 125,000 cards had been released by JokerStash but said it was too soon to estimate how many had been taken from Hudson’s Bay.

If in fact millions of records were stolen, the breach would be one of the largest involving payment cards in the past year, but it would still be far smaller than any of the biggest thefts on record, which occurred a decade ago.

Hackers stole more than 130 million credit cards from credit-card processor Heartland Payment Systems, convenience store operator 7-Eleven Inc and grocer Hannaford Brothers Co, from 2006 to 2008, according to U.S. federal investigators.

Cyber criminals stole some 40 million payment cards in a 2013 hack on Target Corp and 56 million from Home Depot Inc in 2014.

Hudson’s Bay said there is no indication its recent breach involved online sales at Saks and Lord & Taylor outlets or its Hudson’s Bay, Home Outfitters and HBC Europe units.

The company said that customers will not be liable for fraudulent charges resulting from the breach.

© Thomson Reuters 2022 All rights reserved.