Rail Europe had a three-month long credit card breach If you booked train tickets for a European getaway in the past few months, you might want to check your bank statements. Rail Europe, a site used by Americans to buy train tickets in Europe, has revealed a three-month data breach of credit cards and debit cards. The announcement came in a letter filed with… Read More
Card Breach Announced at Chili’s Restaurant Chain Malware has harvested payment card details from some Chili’s restaurants, Brinker International, the company behind the restaurant chain announced on Friday. Brinker says it detected the malware on Friday, May 11, the same day it made the announcement. The company said it is still investigating the incident together with law enforcement and third-party forensic experts.… Read More
Equifax reveals full horror of its data breach Equifax has published yet more detail on the data lost in its now-infamous 2017 data breach. 146.6 million names, 146.6 million dates of birth, 145.5 million social security numbers, 99 million address information and 209,000 payment cards (number and expiry date) breached, the company says, there were also 38,000 US drivers’ licenses and 3,200 passport… Read More
FTC Puts Uber on a Short Leash for Security Breaches Last week, Uber and the FTC finally settled on a revised consent agreement that now covers both the 2014 and 2016 breaches. The new agreement includes even more comprehensive security and privacy risk assessments, covering the security of Uber’s software development environment and use of the bug bounty. Source: ieee… Read More
Breach at UK’s Great Western Railway: Commuters told to reset passwords Great Western Rail is urging all customers to change their passwords after identifying a successful attack to access GWR.com accounts over the last week. Source: theregister… Read More
Sodexo Filmology data breach – Users need cancel their credit cards Sodexo food services and facilities management company notified a number of customers that it was the victim of a targeted attack on its cinema vouchers platform Sodexo Filmology. Source: securityaffairs… Read More
Sears Holdings, Delta and others leak credit cards in “multibreach” Last week, on March 28, Delta was notified by [24]7.ai, a company that provides online chat services for Delta and many other companies, that [24]7.ai had been involved in a cyber incident. It is our understanding that the incident occurred at [24]7.ai from Sept. 26 to Oct. 12, 2017, and that during this time certain… Read More
Malware Attack on Vendor to Blame for Delta and Sears Data Breach Affecting ‘Hundreds of Thousands’ of Customers The nature of the malware involved has not been disclosed and it remains unclear whether the payment card information, which Delta say was entered by the customers themselves, got intercepted in transit or was improperly stored. Source: gizmodo… Read More
Fin7: The Billion-Dollar Hacking Group Behind a String of Big Breaches This week, Saks Fifth Avenue, Saks Off 5th, and Lord & Taylor department stores—all owned by The Hudson’s Bay Company—acknowledged a data breach impacting more than five million credit and debit card numbers. The culprits? The same group that’s spent the last few years pulling off data heists from Omni Hotels & Resorts, Trump Hotels,… Read More
Credit Card Data Swiped From 5M Saks, Lord & Taylor Customers Gemini Advisory said that it appears that all Lord & Taylor and 83 US-based Saks Fifth Avenue locations have been compromised, and the majority of stolen credit cards were obtained from New York and New Jersey locations. Gemini Advisory estimated the window of compromise to be May 2017 to present. Source: threatpost… Read More