Retail | SC Media


Canada’s Recipe Unlimited hit with cyberattack forcing some locations to close


The Canadian restaurant chains owned by Recipe Unlimited were hit late last week with a cyberattack that has forced some of its locations to temporarily close. The Ontario-based company, which until recently was known as Cara Operations, reported it is experiencing issues impacting its point of sale operations and that some locations have been closed…

Formjacking attacks spike as Magecart sets sites on ecommerce


Threat actors have shown a major uptick in formjacking attacks targeting e-commerce sites with researchers blocking nearly a quarter million attempts since mid-August 2018. Formjacking is an attack in which malicious JavaScript code designed to steal payment card information along with other data from payment forms is injected into the checkout web pages of e-commerce…

Amazon Logo

Report: Amazon employees under investigation for allegedly sharing internal data with merchants


Online mega-retailer Amazon reportedly has launched an investigation into employees who may have accepted bribes from independent merchants in exchange for sharing private corporate data. Citing sellers and brokers with knowledge of the practice, as well as people familiar with Amazon’s investigations, the Wall Street Journal reported yesterday that data being shared in violation of…

California street gangs busted for cybercrime wave


A 240-count indictment against 32 member of the BullyBoys and CoCo Boys street gangs in California were levied for a variety of cybercrimes, including stealing retail point of sale terminals to obtain customer personally identifiable information. The charges were brought by California Attorney General Xavier Becerra and include 63 counts of conspiracy to commit grand…

Malware campaign infects thousands of Magento e-commerce sites


Over the last six months, a recently discovered, highly prolific payment card-scraping campaign managed to infect more than 7,000 online stores running on the open-source Magento e-commerce software platform. In an Aug. 30 blog post, Dutch security researcher Willem de Groot reported that the operation involved online payment skimming malware called MagentoCore. Of the 7,339…


Unauthorized party accesses and customer accounts

For nearly two months, an unauthorized party reportedly used stolen usernames and passwords to log into the online accounts of certain and customers. The breach took place from April 26 through June 12, compromising data such as full names, addresses, phone numbers, email addresses, birthdays, and payment card numbers with expiration dates, according…

Next post in Data Breach