3. Saks and Lord & Taylor
Number Of Records Exposed: 5 Million
A well-known ring of cybercriminals obtained credit and debit card numbers from customers of Saks Fifth Avenue and Lord & Taylor, according to an April report from cybersecurity research firm Gemini Advisory. The data appeared to have been stolen using software that was implanted into the cash register systems at the stores and that siphoned card numbers until March 2018.
Gemini Advisory said that a group of Russian-speaking hackers known as Fin7 or JokerStash posted that they had obtained a cache of 5 million stolen card numbers, and were offering 125,000 of those records for immediate sale. The researchers determined that the card numbers all seemed to have been used at Saks and Lord & Taylor stores from May 2017 to March 2018.
Although it’s unclear exactly how the malware was installed in the stores’ checkout systems, Gemini said it was most likely through phishing emails sent to Hudson’s Bay employees.