Prominent retail conglomerate Hudson’s Bay Company (HBC) announced Sunday that payment cards used by customers at Lord & Taylor and Saks Fifth Avenue locations may have been compromised.
The company said it has “taken steps to contain” the breach, but it may have already affected millions of card holders, according to Gemini Advisory, a cyber security firm.
“On March 28, 2018, a JokerStash hacking syndicate announced the release for sale of over five million stolen credit and debit cards,” Gemini Advisory reported on a blog post. “In cooperation with several financial organizations, we have confirmed with a high degree of confidence that the compromised records were stolen from customers of Saks Fifth Avenue and Lord & Taylor stores.”
JokerStash is known for selling stolen data on the blackmarket, specifically what’s known as the Dark Web. Roughly 125,000 payment cards and the involved information have so far been released for sale, Dmitry Chorine, Gemini’s chief technology officer, told Reuters. (RELATED: How The Daily Stormer Went From GoDaddy To The Shadows Of The Dark Web)
Chorine added that it’s not perfectly clear yet if all of the millions of card members are directly from Lord & Taylor and Saks, but that it seems likely at least most of them are.
“Once the Company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring,” HBC continued in its press release. “HBC encourages customers to review their account statements and contact their card issuers immediately if they identify activity or transactions they do not recognize.”
The shopping corporation advises people worried about their personal information to visit the following sites. (RELATED: Advanced Cybersecurity: The Simple Password May Soon Be Obsolete)
Cyber crimes, such as the one reportedly involving HBC, appear to be steadily picking up in frequency in recent years. Nefarious hackers seem to be getting more aggressive and skilled with their virtual capabilities, while businesses falter in protecting digital services and platforms. In other words, even when companies try to adapt by bolstering their cybersecurity features and underlying infrastructure, so too do criminals on the internet.
Credit card information in particular is highly prized for stealing and selling purposes.
Potentially thousands of people’s credit card data was obtained by cybercriminals after 20 highly popular hotels across the country were unknowingly infiltrated for months.
Send tips to [email protected].