2014 Retail Data Breaches
2014 was a year where data breaches dominated retail news and changed the corporate landscape of many retail organizations. The phrase, “It’s not if you will have a breach, but when you learn that you’ve had a breach” became part of our common language. We also found that while most breaches were intended for financial gain, others were also initiated for malicious intent, simply to damage brands and cause financial loss. This will certainly be an ongoing topic next year as well as business continue to react to these cyber threats and proactively address future opportunities. Below are the primary data breach stories that made retail loss prevention headlines in the US in 2014.
Target Says Data Breach Puts up to 110 Million People at Risk
While the incident actually took place in late 2013, the Target breach dominated many of the early headlines in 2014. Target said that the thieves who accessed its data system from late November through mid-December also obtained personal information on 70 million customers, an exposure of data that’s well beyond the financial information on 40 million people it initially reported. Target said, “The theft is not a new breach.” But spokeswoman Molly Snyder later said the possibility exists that the personal information exposure involves different people than the financial one. If so, as many as 110 million people had data stolen from Target’s system.
Neiman Marcus Investigating Possible Credit Card Data Theft
Neiman Marcus said it is investigating a security breach involving credit card information that may have been stolen from its customers during the holiday shopping season. The Secret Service, which is already probing a similar breach at Target, has launched an investigation into the matter.
Company spokeswoman Ginger Reeder said in a written statement, “We have begun to contain the intrusion and have taken significant steps to further enhance information security.”
Michaels Warns of Possible Payment Card Breach
Michaels, the biggest U.S. arts and crafts retailer, said it is investigating a possible breach on its network and advised customers to check financial statements for fraudulent activity. “We are concerned there may have been a data security attack on Michaels that may have affected our customers’ payment card information,” Chief Executive Chuck Rubin said in the statement. “We are taking aggressive action to determine the nature and scope of the issue.” It was not immediately clear how many cards might have been affected, when an attack might have occurred or whether the systems were currently compromised…
eBay Suffers Cyber Attack, Users Asked to Change Passwords
Need any more proof that cyber is one of the world’s most pressing concerns? Look no further than retail giant, eBay, which just reported a massive breach in its system. According to the firm, around late February or early March, cyber thieves stole sensitive customer information, such as: email addresses, encrypted passwords and birth dates. And while it said no financial information was compromised, the situation was serious enough for the company to urge its 145 million users to change their passwords…
P.F. Chang’s Confirms Credit Card Breach
Nationwide restaurant chain P.F. Chang’s Chinese Bistro confirmed news that customer credit and debit card data had been stolen in a cybercrime attack on its stores. The company had few additional details to share about the breach, other than to say that it would temporarily be switching to a manual credit card imprinting system for all P.F. Chang’s restaurants in the United States…
Goodwill Investigating Possible Data Breach
Goodwill Industries International, a nonprofit agency that operates thrift stores around the country, said that it was investigating a potential security breach that may have led to the theft of customers’ credit card data. In a statement, Goodwill said it had been contacted by federal authorities and a fraud investigation unit about a possible data theft at its American store locations. Goodwill said it was working with the authorities…
Supervalu investigating potential data breach
Supervalu Inc said it is investigating a potential data breach that could have affected some of its retail food stores, including some of its associated stand-alone liquor stores. The intrusion may have resulted in the theft of account numbers and other numerical information from payment cards used at some point-of-sale systems at the company’s owned and franchised stores. “The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data,” Supervalu CEO, Sam Duncan, said in a statement…
Nearly All U.S. Home Depot Stores Breached
New data gathered from the cybercrime underground suggests that the apparent credit and debit card breach at Home Depot involves nearly all of the company’s stores across the nation. As with cards put up for sale in the wake of those breaches each card is listed according to the city, state and ZIP code of the store from which each card was stolen. A comparison of the ZIP code data between the unique ZIPs and those of the Home Depot stores shows a staggering 99.4 percent overlap…
Staples stores investigated: suspected payment card breach
Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach. Staples says it is investigating “a potential issue” and has contacted law enforcement. It appears likely that fraudsters have succeeded in stealing customer card data from some subset of Staples locations…
Kmart Says Hackers Stole Card Data in Attack
Sears Holdings Corp’s Kmart discount chain, the latest victim of hacker attacks on retailers, detected a security breach yesterday and is investigating the incident with law enforcement officials. “According to the security experts Kmart has been working with, the Kmart store payment data systems were infected with a form of malware that was undetectable by current anti-virus systems,” the company said. “Kmart was able to quickly remove the malware. However, Kmart believes certain debit and credit card numbers have been compromised…”
Has Dairy Queen Been Breached?
Sources in the financial industry say they’re seeing signs that Dairy Queen may be the latest retail chain to be victimized by cybercrooks bent on stealing credit and debit card data. Dairy Queen says it has no indication of a card breach also acknowledges that nearly all stores are franchises and that there is no established company process or requirement to communicate card breaches to Dairy Queen headquarters…
Possible Credit Card Breach at Bebe Stores
Data gathered from several financial institutions and at least one underground cybercrime shop suggest that thieves have stolen credit and debit card data from Bebe Stores Inc., a nationwide chain of some 200 women’s clothing stores…
Sony to lose $200 million following cyber attack
Sony Pictures has suffered an estimated loss of $200 million on account of the recent cyber attack over the film “The Interview”, according to various analysts. The $200 million figure is expected to rise, given the expenses that the company will incur due to lawsuits that former employees have filed as a result of their personal data being stolen from Sony’s database by the hackers…