5 Million Payment Cards Taken By Hackers From Stores of Saks, Lord & Taylor

The series of large-scale data breaches in retail is not about to end any time soon. Gemini Advisory has found that Fin7, a JokerStash online crime syndicate, is planning to sell more than 5 million payment cards that were stolen from the databases of around 83 stores of Saks Fifth Avenue (including Off 5th) and the whole network of Lord & Taylor. As of this writing, the criminals are ‘only’ selling around 125,000 of the cards on the Dark Web, but the rest are expected to reach the black market in the coming months. Reportedly, the breaches began in May 2017, and they may be continuing to this day.

The majority of the affected stores are located in the states of New Jersey and New York, although three stores in Canada (in Brampton, Pickering, and Toronto) might also have been affected by the breach.

Canada’s Hudson’s Bay Company, the parent of both retail brands, confirmed the breaches and said that it had already “taken steps to contain” the hacks. HBC said that customers would receive free credit monitoring and some other identity protection services once there was “more clarity around the facts.” It is not clear, however, what those security measures involve, and it is not certain that the breaches have come to an end. A spokesperson talking to Reuters refused to elaborate on the matter.

However, JokerStash is well-known. The hacker outfit has been linked to a series of data breaches including Omni Hotels, Whole Foods, and Chipotle. It has a pattern of leaking out cards both to maximise the sale potential of the cards and to avoid alarming bank investigators who are trying to discover the source of a given breach.

News of the breach arrives at a particularly bad time. In March 2017, BuzzFeed News discovered that Saks had been collecting the data of customers (though not payment information) in plain text on the company's servers. It is bound to be embarrassing for the retailer to endure a more serious breach just over a year later, even though the two incidents are not likely connected. HBC may be required to bend over backwards to regain the trust of Saks shoppers who have already been burned twice.