Published: Tue, April 03, 2018
Tech | By

Hudson's Bay hacking affected personal data of customers

Hudson's Bay hacking affected personal data of customers

Saks Fifth Avenue and Lord & Taylor seem to have also learned this lesson the hard way. This would have allowed hackers to install manipulating software into the cash register systems and steal credit card numbers.

How did the data breach happen?

There will certainly be kerfuffle as the companies sort out their systems, but one thing's for sure: This is a stark reminder when it comes to credit card transactions.

A notorious hacking syndicate has stolen data from over 5 million Saks Fifth Avenue and Lord & Taylor payment card customers. In addition, the security firm suspects that 83 Saks Fifth Avenue stores and all Lord & Taylor locations were compromised in the data breach.

Thus far, 125,000 payment cards that were used at Lord & Taylor or Saks were released online for sales by hackers, said an online security firm.

The Hudson's Bay Company, which owns the retail store chains, confirmed the data breach involving customer payment card data in a statement on Sunday. "HBC has identified the issue, and has taken steps to contain it".


The statement goes on to answer questions such as whether Social Security numbers and other key personal data were compromised, as well as whether the risk is ongoing. Saks plans to offer credit and web monitoring services free of charge to anyone affected by the breach.

"When data that's used for customer account login or for payments is centralized on a retailer's server, it's especially vulnerable", noted George Avetisov, CEO of HYPR, a provider of decentralized authentication services for businesses. However, it's important to take action right away to protect your private information.

It will be hard for banks to sort fraudulent transactions from those of a legitimate nature, since "cardholders who frequently shop at luxury retail chains like Saks Fifth Avenue are more likely to buy high-ticket items regularly".

Let the representative know you're concerned about the data breach and ask them to cancel your current card number and issue you a new one. By getting malware into the POS machines, attackers are able to collect and transmit card numbers as they are read and before they can be encrypted.

A data breach a year ago points to systemic cybersecurity lapses at Saks. The company is promising to investigate fully, to offer free credit monitoring and to release more information. Here are the top 6 lenders of 2018!

Like this: