Red Hen Restaurant
June 27, 2018
•[ hack, retail ]
Researchers from Malwarebytes discover that the Red Hen restaurant that refused to serve Sarah Sanders is hit by a SEO Spam cyberattack.
Buffalo Wild Wings
June 1, 2018
•[ hack, phishing, retail ]
A hacker manages to take control of the official Twitter account of Buffalo Wild Wings (@BWWings) and posts a number of crude and racist tweets, including one that claims to give out the "secret recipe" for the company's wings.
Romwe
June 1, 2018
•[ hack, retail ]
In mid-2018, the Hong Kong-based retailer Romwe suffered a data breach which exposed almost 20 million customers. The data was subsequently sold online and includes names, phone numbers, email and IP addresses, customer geographic locations and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by dehashed.com.
Bombas
May 21, 2018
•[ hack, malware, retail ]
Bombas notifies consumers of breach going back to 2015 when malware in the code of the e-commerce platform was identified and removed on February 9, 2015.
blackphoenixalchemylab
May 17, 2018
•[ hack, malware, retail ]
blackphoenixalchemylab.com discovers malware inserted into the portion of the checkout page between May 1 and May 16.
Poshmark
May 16, 2018
•[ leak, retail ]
In mid-2018, social commerce marketplace Poshmark suffered a data breach that exposed 36M user accounts. The compromised data included email addresses, names, usernames, genders, locations and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
Chili's Restaurant
May 11, 2018
•[ financial, malware, retail ]
Chili's Restaurant reveals that some restaurants have been impacted by a data incident, which may have resulted in unauthorized access or acquisition of payment card data between March and April 2018.
Malley's Chocolates
May 10, 2018
•[ financial, hack, retail ]
Malley's Chocolates reveals that its website has been hacked, and the card information of 3,400 online customers has been breached.
Meituan Dianping
May 3, 2018
•[ leak, retail ]
Meituan Dianping, the internet giant backed by Tencent, China's most valuable tech corporation, begins investigating reports of a data breach that exposed the private information of tens of thousands of users.
Rail Europe North America
May 1, 2018
•[ financial, malware, retail ]
Rail Europe, a site used by Americans to buy train tickets in Europe, reveals a three-month data breach of credit cards and debit cards. Hackers implanted credit card-skimming malware on its website between late-November 2017 and mid-February 2018.
Zippy's Restaurants
April 27, 2018
•[ hack, malware, retail ]
The Hawaii-based Zippy's Restaurants reports that its point-of-sale system at 25 of its locations have been compromised exposing customer data from November 23, 2017, to March 29, 2018.
Wendy's
March 31, 2018
•[ hack, retail ]
In March 2018, Wendy's in the Philippines suffered a data breach which impacted over 52k customers and job applicants. The breach exposed extensive personal information including names, email and IP addresses, physical addresses, phone numbers and passwords stored as MD5 hashes.
JJ Meds
March 9, 2018
•[ financial, retail ]
JJ Meds, a medical marijuana delivery service in Canada, goes offline after having received an extortion demand.
160 Applebee's Restaurants
March 2, 2018
•[ hack, malware, retail ]
RMH Franchise Holdings reveals that PoS systems at the Applebee's network of restaurants were infected with a PoS malware. 160 restaurants are affected. The breach was discovered on February 13, and took place between November 23, 2017, and January 2, 2018.
Tim Hortons
February 27, 2018
•[ hack, malware, retail ]
A computer virus is suspected of crashing cash registers at over 1,000 Tim Hortons coffee and donuts fast food restaurants.
Curtis Lumber
February 22, 2018
•[ social, phishing, retail ]
Curtis Lumber is the victim of a spear phishing attack.
Staybridge Suites Lexington Hotel
February 14, 2018
•[ financial, malware, retail ]
The Staybridge Suites Lexington Hotel is hit with what appears to be a point of sales data breach that occurred when several devices at the hotel were hit with malware.
Ron's Pharmacy Services
February 2, 2018
•[ leak, retail ]
Ron's Pharmacy Services notifies certain patients of the unauthorized access to certain limited pieces of patient information, including patient names, Ron's Pharmacy internal account numbers, and payment adjustment information.
National Stores, Inc.
January 23, 2018
•[ financial, malware, retail ]
National Stores, Inc. announces that it has been the victim of a malware attack, enabling unauthorized parties to access payment card information. It appears that payment cards used by customers at some National Stores locations between July 16 and December 11, 2017 may be involved.
Beautyblender
January 5, 2018
•[ hack, malware, retail ]
Beautyblender notifies 3,673 individuals that their information might have been compromised after the discovery of a malware on its online shop.
