Discountmugs
January 10, 2019
•[ hack, malware, retail ]
Another victim of Magecart. Discountmugs.com reveals that anyone who used a credit between August 5, 2018, and November 16, 2018 may have had their information compromised.
BevMo
December 27, 2018
•[ financial, malware, retail ]
Alcohol retailer BevMo reveals that its website was breached, compromising the credit card data of nearly 15,000 customers: a "malicious code" placed on the checkout page, compromising data between Aug. 2 and Sept. 26.
Caribou Coffee
December 20, 2018
•[ hack, malware, retail ]
US coffee store chain Caribou Coffee announces a security breach after it discovered unauthorized access of its POS systems. The breach was discovered on November 28, and the company listed 239 stores of its total 603 locations as impacted.
Warby Parker
December 20, 2018
•[ hack, brute-force, retail ]
Warby Parker discloses that roughly 198,000 of its customers may have been affected by a credential stuffing attack targeting the eyeglass retail chain. The unauthorized activity started on Sept. 25 and continued through late November.
Wanelo
December 13, 2018
•[ hack, retail ]
In approximately December 2018, the digital mall Wanelo suffered a data breach. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in April 2019. A total of 23 million unique email addresses were included in the breach alongside passwords stored as either MD5 or bcrypt hashes. After the initial HIBP load, further data containing names, shipping addresses and IP addresses were also provided to HIBP, albeit without direct association to the email addresses and passwords. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
OppoSuits
December 3, 2018
•[ financial, hack, leak ]
Customers of Dutch clothing company OppoSuits are warned to monitor their credit card accounts after the firm discovers the Magecart malware planted on its website could have stolen the details of 7,000 customers.
Sotheby's
November 30, 2018
•[ financial, malware, retail ]
Sotheby's Home website is the latest casualty of Magecart after a breach sees card-skimming code deployed by the cyber criminals.
Dunkin' Donuts
November 29, 2018
•[ hack, brute-force, retail ]
Dunkin' Donuts informs some of its DD Perks program members that their account information may have been exposed through a credential stuffing attack. The incident was discovered on October 31, 2018.
VisionDirect
November 18, 2018
•[ financial, retail ]
VisionDirect, a popular contact lens online merchant, posts an advisory stating that their web site was compromised causing the theft of credit card and account information. The breach occurred between November 3rd and November 8th.
Infowars' online store
November 14, 2018
•[ financial, malware, retail ]
A Magecart credit card skimming attack is discovered on the online store for the Infowars web site.
Saffire Freycinet
November 2, 2018
•[ hack, retail ]
Guests of two Tasmania's luxury hotels are notified that their personal data may have been accessed by an unauthorised third party.
Five Guys
November 2, 2018
•[ social, phishing, retail ]
Five Guys notifies employees of data breach after an employee falls victim for a phishing attack.
Kitronik
November 2, 2018
•[ hack, malware, retail ]
Educational electronics outlet Kitronik is the latest victim of the Magecart gang. The hack occurred between August and September.
Radisson Hotel Group
October 31, 2018
•[ leak, retail ]
The hotel chain Radisson Hotel Group suffered a security breach that exposed personal information of the members of its loyalty scheme. The incident happened on September 11, but was identified only on October first.
Shopper Approved
October 9, 2018
•[ hack, malware, retail ]
Shopper Approved is the latest victim of the Magecart gang. The incident took place on September 15.
Burgerville
September 30, 2018
•[ financial, retail ]
Burgerville reveals a data breach impacting the chain which may have led to the theft of detailed credit card information belonging to customers.
Recipe Unlimited
September 28, 2018
•[ ransomware, malware, retail ]
Recipe Unlimited, a Canadian restaurant chain that operates over 20 restaurant brands, suffers a country-wide outage of its IT systems over the weekend in a ransomware incident.
