Nordstrom card-skimming scheme lasted nearly two months

Share this article:

A card-skimming operation that targeted a Nordstrom store in Florida lasted nearly two months, according to a letter detailing the event sent to the New Hampshire Department of Justice's Office of the Attorney General.

The letter, penned by Kim Dawson, senior privacy director at Nordstrom, indicates that from August 14 to October 5, unauthorized keystroke-logging devices were implanted by six men that intended to steal customer credit card data. Thanks to video evidence, the retailer was able to determine the length of the attack.

The men worked in groups in order to distract sales staff, while others set up the keyloggers. A total of 10 registers were rigged with the devices.

According to the letter, no Social Security numbers or other sensitive data was stolen in the incident, and only one customer in New Hampshire may have been impacted by the breach.

However, company officials have sent notification letters to any customers whose information may have been compromised in the breach, as well as providing them with a year of free credit monitoring.

The physical compromise aspect of this incident compares to that of a recent one impacting Barclays and Santander bank locations in London. In this scam, saboteurs posing as IT engineers rigged bank computers with keyboard video mouse (KVM) devices to monitor and manipulate accounts.

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.