Charleston Lube Partners
February 14, 2020
•[ hack, malware, retail ]
Charleston Lube Partners reveals to have been hit by a PoS malware between February 14, 2019 and August 19, 2019.
Rutter's
February 13, 2020
•[ financial, malware, retail ]
Rutter's discloses that 71 locations were infected with a point-of-sale (POS) malware that was used by attackers to steal customers' credit card information.
Home Chef
February 10, 2020
•[ leak, retail ]
In early 2020, the food delivery service Home Chef suffered a data breach which was subsequently sold online. The breach exposed the personal information of almost 9 million customers including names, IP addresses, post codes, the last 4 digits of credit card numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
100 UPS Store Locations
January 21, 2020
•[ leak, phishing, retail ]
Sensitive personal and financial information of UPS Store customers is exposed in a phishing incident affecting roughly 100 local store locations between September 29, 2019, and January 13, 2020.
Hanna Andersson
January 20, 2020
•[ hack, malware, retail ]
US children's apparel maker and online retailer Hanna Andersson discloses that its online purchasing platform was hacked and malicious code was deployed to steal customers' payment info for almost two months.
Pampling
January 4, 2020
•[ hack, misconfiguration, retail ]
In January 2020, the online clothing retailer Pampling suffered a data breach that exposed 383k unique customer email addresses. The data was later shared on a popular hacking forum and also included names, usernames and unsalted MD5 password hashes.
Tokopedia
January 1, 2020
•[ hack, retail ]
hacked
Wawa (company)
January 1, 2020
•[ hack, retail ]
hacked
Landry's
December 31, 2019
•[ financial, malware, retail ]
Restaurant chain Landry's discloses a security incident that involved the discovery of malware on the network of 63 restaurants. The malware was designed to collect payment card data from cards swiped at its bars and restaurants, and was active from March 13 to October 2019.
Islands restaurants
December 19, 2019
•[ financial, malware, retail ]
Islands restaurants announces a PoS malware incident.
Champagne French Bakery Cafe
December 19, 2019
•[ financial, malware, retail ]
Even Champagne French Bakery Cafe announces a credit card breach due to a PoS malware.
Wawa
December 19, 2019
•[ financial, malware, retail ]
Convenience store chain Wawa discloses today a card breach after its security team finds malware installed on its payment processing systems. The malware was installed on March 4 this year, and impacts potentially all locations.
Unnamed gas station in North America
December 14, 2019
•[ hack, malware, retail ]
Payments processor VISA says North American merchants who operate gas stations and gas pumps are facing a rash of attacks from cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks. VISA has identified two specific attacks which were attributed to FIN8.
Love Bonito
December 13, 2019
•[ hack, malware, retail ]
Love Bonito reports a data breach, with personal and credit card information potentially accessed. The company discovered a malicious code being added to their e-commerce site on 10 Dec.
GoSport et Courir
December 12, 2019
•[ ransomware, malware, retail ]
GoSport et Courir is hit by a ransomware attack. 2 out of 84 shops are closed as a consequence of the attack.
Sweaty Betty
December 3, 2019
•[ financial, malware, retail ]
The web site for UK retailer Sweaty Betty is the victim of a Magecart attack, and hacked to insert malicious code that attempts to steal a customer's payment information when making purchases.
DiBella's Old Fashioned Submarine
November 26, 2019
•[ financial, malware, retail ]
DiBella's Old Fashioned Submarines reveals that its stores in Connecticut, Indiana, Michigan, Ohio, New York and Pennsylvania may have had the information on as many as 305,000 payment cards compromised between March 22, 2018 and December 28, 2018.
On the Border
November 26, 2019
•[ financial, malware, retail ]
On the Border, a border-style Mexican food chain notifies a data breach in a payment-processing system serving restaurants in 28 states. Some customer credit card information could have been compromised on visits between April 10 and August 10, 2019.
