Retail | SC Media

Retail

Top online retailers rated for cybersecurity practices

By

With Black Friday and Cyber Monday looming only eight days away, and Magecart’s malware being spotted in more than a few retailer point-of-sale systems, consumers should be aware of which online retailers are the best at protecting their customer’s data. To come up with a definitive list LastPass tested the websites of the top 10…

The many faces of Magecart: Report profiles groups behind card-skimming threat

By

Magecart, the e-commerce payment card-skimming threat that has recently victimized Ticketmaster, British Airways, Newegg and other notable companies, is primarily comprised of six major active cybercriminal groups, according to a new joint research report. All of these groups use a version the same skimmer toolset, but they rely on different strategies and in some cases have…

Nordstrom data breach exposes employee information

By

High-end retailer Nordstrom is in the process of notifying its employees their data may have been compromised in a breach. The Seattle Times reported worker names, Social Security numbers, dates of birth, checking account and routing numbers, salaries and additional information is included in the breach notification, which is being sent by email or being…

Burgerville discloses year-long data breach, courtesy of FIN7 cybergang

By

Add fast-casual restaurant chain Burgerville to the list of retail and hospitality companies victimized by the Eastern European cybercrime group FIN7. The Vancouver, Wash.-based restaurant operator disclosed in an online security alert and FAQ page that it was infected with malware by FIN7, aka the Carbanak Group, resulting in a data breach that compromised customers’…

Canada’s Recipe Unlimited hit with cyberattack forcing some locations to close

By

The Canadian restaurant chains owned by Recipe Unlimited were hit late last week with a cyberattack that has forced some of its locations to temporarily close. The Ontario-based company, which until recently was known as Cara Operations, reported it is experiencing issues impacting its point of sale operations and that some locations have been closed…

Formjacking attacks spike as Magecart sets sites on ecommerce

By

Threat actors have shown a major uptick in formjacking attacks targeting e-commerce sites with researchers blocking nearly a quarter million attempts since mid-August 2018. Formjacking is an attack in which malicious JavaScript code designed to steal payment card information along with other data from payment forms is injected into the checkout web pages of e-commerce…

Amazon Logo

Report: Amazon employees under investigation for allegedly sharing internal data with merchants

By

Online mega-retailer Amazon reportedly has launched an investigation into employees who may have accepted bribes from independent merchants in exchange for sharing private corporate data. Citing sellers and brokers with knowledge of the practice, as well as people familiar with Amazon’s investigations, the Wall Street Journal reported yesterday that data being shared in violation of…

California street gangs busted for cybercrime wave

By

A 240-count indictment against 32 member of the BullyBoys and CoCo Boys street gangs in California were levied for a variety of cybercrimes, including stealing retail point of sale terminals to obtain customer personally identifiable information. The charges were brought by California Attorney General Xavier Becerra and include 63 counts of conspiracy to commit grand…

Malware campaign infects thousands of Magento e-commerce sites

By

Over the last six months, a recently discovered, highly prolific payment card-scraping campaign managed to infect more than 7,000 online stores running on the open-source Magento e-commerce software platform. In an Aug. 30 blog post, Dutch security researcher Willem de Groot reported that the operation involved online payment skimming malware called MagentoCore. Of the 7,339…

Next post in Cybercrime