Retail News, Articles and Updates

First Choice Credit Union files class-action suit against Wendy's over breach

First Choice Credit Union files class-action suit against Wendy's over breach

By

Claiming that Wendy's didn't properly protect data, First Choice Credit Union filed a class action lawsuit against the retailer over a breach experienced last year.

PCI DSS version 3.2 release extends multifactor authentication requirement

PCI DSS version 3.2 release extends multifactor authentication requirement

By

The PCI Data Security Standard version 3.2 released Thursday not only includes new requirements to safeguard payment data, including multifactor authentication.

Online scammers entice wannabe mystery shoppers to disclose personal data

Online scammers entice wannabe mystery shoppers to disclose personal data

By

Beware of fake mystery shopper scams, a new McAfee Labs consumer alert warned.

'Multigrain' variant of POS malware crops up; uses DNS tunneling to steal data

'Multigrain' variant of POS malware crops up; uses DNS tunneling to steal data

By

A variant of the POS malware family known as NewPosThings, called Multigrain, has introduced a twist into its repertoire—exfiltrating stolen payment card data from POS systems via the Domain Name System (DNS).

DōTERRA breach exposes customer info; including SS, DOB, and addresses

DōTERRA breach exposes customer info; including SS, DOB, and addresses

By

DōTERRA International notified the State of California's Attorney General's office that personal information of its customers and wholesale members, or "Wellness Advocates," was breached.

Stolen laptop puts data of CVS customers in Alabama at risk

Stolen laptop puts data of CVS customers in Alabama at risk

By

The personal information of an undisclosed number of CVS customers in Calera, Ala., is at risk after a laptop was stolen from one of its vendors.

Research: Over 6,000 data breaches in key industry sectors since 2005

Research: Over 6,000 data breaches in key industry sectors since 2005

By

The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.

Worldpay merchant portal allowed merchants to view customer card data

Worldpay merchant portal allowed merchants to view customer card data

Worldpay's electronic payment gateway setup pages offer poor security seals on credit card details, according to a security researcher.

UPDATE: Nest disables smart home device, triggers IoT security concerns

UPDATE: Nest disables smart home device, triggers IoT security concerns

By

Nest will disable its smart home product Revolv on May 15th. Revolv founders Tim Enwall and Mike Soucie will re-focus on building Works with Nest.

Scammers phishing using fake Macy's delivery emails

Scammers phishing using fake Macy's delivery emails

By

Macy's is reportedly investigating a phishing scam that uses a fake Macy's delivery email notification for what is usually a non-existent order.

Six months in, chipped credit cards gaining acceptance with consumers, retailers

Six months in, chipped credit cards gaining acceptance with consumers, retailers

By

The six-month anniversary of chipped credit cards is coming up on April 1 and the general consensus in the industry on the rollout is "so far so good."

DHS launches two-way threat sharing system for public-private collaboration

DHS launches two-way threat sharing system for public-private collaboration

By

The Department of Homeland Security has declared itself officially ready to exchange cybersecurity intelligence with private industries and other organizations using an automated threat-sharing system, under the terms of the Cybersecurity Act of 2015.

FTC orders nine companies to provide details on PCI DSS audit process

FTC orders nine companies to provide details on PCI DSS audit process

By

The FTC has ordered nine companies to provide information on the way they assess whether retailers and others are in compliance with Payment Card Industry Data Security Standards (PCI DSS).

Kaspersky sees uptick in spam from fake 'Amazon stores'

Kaspersky sees uptick in spam from fake 'Amazon stores'

By

Kaspersky noticed an increase in fake emails that claim to be from Amazon online stores offering free gifts.

Retailers falling short of earlier predictions on EMV readiness

Retailers falling short of earlier predictions on EMV readiness

By

A new survey of U.S. payment service providers revealed that approximately 37 percent of retailers were ready to process EMV payments by Feb. 1, 2016.

Fake patch for Magento Shoplift bug steals payment info

Fake patch for Magento Shoplift bug steals payment info

By

Organizations that haven't updated their Magento sites with the SUPEE-5344 security patch for the Shoplift Bug run the risk of having their sites compromised by wily hackers pitching a fake patch.

Android malware masquerades as AliPay app

Android malware masquerades as AliPay app

By

An Android malware is masquerading as a security feature for AliPay, a Chinese PayPal-like online payment app.

VTech: You acknowledge that PII "may not be secure"

VTech: You acknowledge that PII "may not be secure"

By

VTech representatives are struggling to defend new terms and conditions that the electronic toy manufacturer company posted on its corporate website following a massive hack that exposed over 6.3 million accounts.

Wendy's finds malware at some locations

Wendy's finds malware at some locations

By

Wendy's found malware on the systems at some restaurants under investigation after unusual activity was reported on customers' payment card accounts.

Hackers attack 20M accounts of Alibaba e-commerce unit

Hackers attack 20M accounts of Alibaba e-commerce unit

By

A group of hackers tried to access active accounts belonging to more than 20 million users of Taobao, Alibaba Group Holding Ltd.'s e-commerce unit.

Update: eBay 'cesspit' has 'no plans' to fix severe vulnerability

Update: eBay 'cesspit' has 'no plans' to fix severe vulnerability

Though a large vulnerability was discovered in eBay's global sales platform, the company has 'no plans' to fix the active code exploit.

Landry's concludes breach probe, lists affected locations and attack timeframes

Landry's concludes breach probe, lists affected locations and attack timeframes

By

Landry's Inc., the dining and hospitality chain operator that discovered a long-running data breach in December, said it has completed its internal investigation into the incident, and has fortified its point-of-sale operations with encryption technology to prevent future cyberattacks.

Unauthorized access leads to Neiman Marcus Group breach, 5,200 affected

By

Neiman Marcus Group (NMG) reported that someone gained unauthorized access to thousands of online customer accounts.

Data Privacy Day: Chip card adoption growing, but problems linger

Data Privacy Day: Chip card adoption growing, but problems linger

By

The roll out of the EMV cards last fall was expected to bring a new level of data security to American consumers and retailers, but depending upon whom one speaks the cards have either been a boon or a bust.

Industry pros concerned with AWS free cert offering

Industry pros concerned with AWS free cert offering

By

Amazon Web Services said it would offer free certificates to help companies automate use of TLS/SSL cryptographic protocols.

Ransomware and POS attackers to zero in on small businesses, retailers

Ransomware and POS attackers to zero in on small businesses, retailers

By

Small businesses and retailers should expect cybercriminals to pay extra attention to them in the coming months with ransomware and point of sale attacks becoming even more common.

New type of PayPal spam discovered

New type of PayPal spam discovered

Security researcher Troy Hunt has come across a new type of spam - $0 invoices from PayPal accounts.

Landry's investigates a potential POS attack

Landry's investigates a potential POS attack

By

The restaurant and hospitality company Landry's is reporting that some of its customers have had unauthorized charges placed on their payment cards after they were used at a Landry's establishment.

Walgreens, Target shopping apps can expose customer data

Walgreens, Target shopping apps can expose customer data

By

Santa may know if you have been naught or nice, but that's nothing compared to the amount of information Walgreens and Target collects from its shopping app users.

Global efforts take down 37,000 websites selling counterfeit goods

Global efforts take down 37,000 websites selling counterfeit goods

In an effort by global law enforcement, over 37,000 websites selling counterfeit goods have been shut down during the time leading up to the Black Friday/Cyber Monday weekend.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US