Interpark Corp.
July 25, 2016
•[ hack, retail ]
Interpark, a South Korean online shopping mall, is the victim of a data breach with more 10 million customers affected.
pingpong.su
July 12, 2016
•[ leak, retail ]
SonnySpooks leaks the entire database of pingpong.su made of 57K records including username and passwords.
Unknown Organization
July 1, 2016
•[ hack, retail ]
DID Electrical reveals that more than 300 people have had card details stolen after an online security breach. The attack happened between June 15 and June 26.
FreshMenu
July 1, 2016
•[ leak, retail ]
In July 2016, the India-based food delivery service FreshMenu suffered a data breach. The incident exposed the personal data of over 110k customers and included their names, email addresses, phone numbers, home addresses and order histories. When advised of the incident, FreshMenu acknowledged being already aware of the breach but stated they had decided not to notify impacted customers.
Hard Rock Hotel and Casino Las Vegas
June 29, 2016
•[ financial, hack, malware ]
The Hard Rock Hotel and Casino Las Vegas notifies guests of "certain restaurant and retail outlets" located at its Las Vegas casino that hackers breached payments systems extracting credit card data.
Noodles & Company
June 29, 2016
•[ financial, malware, retail ]
Noodles & Company announces that malware infected its backend card processing system and maybe have compromised customer credit and debit card data collected between January 31, 2016 and June 2, 2016.
Unnamed jewelry shop
June 27, 2016
•[ hack, ddos, retail ]
Researchers from Sucuri reveal the details of a massive DDoS attack against an unnamed jewelry shop carried out by leveraging a network of 25,000 compromised CCTV boxes.
Castorama
June 8, 2016
•[ hack, xss, retail ]
French DIY goods store Castorama pull its website offline after unknown attackers manipulated the site search function to suggest rude versions of household appliances.
Sh0ping[.]su
June 5, 2016
•[ hack, retail ]
Sh0ping[.]su, a platform known for selling stolen accounts on the dark market is hacked. The attackers leak 16,000 stolen accounts, 15,000 accounts taken from other sites, and 9,000 credit cards.
Kiddicare
May 9, 2016
•[ hack, retail ]
Babycare retailer Kiddicare has warned customers that personal data consisting of 795,000 records shared with the store has been stolen by hackers.
Union League Club
May 3, 2016
•[ financial, insider, malware ]
Union League Club says it is working with the FBI to investigate a security breach involving guests' credit card information. An employee accused to have installed malicious software is fired.
Lucky Pet
April 27, 2016
•[ leak, retail ]
LuckyPet notifies the California State Attorney General's office of a data breach that compromised online customer information.
The Grand Sierra Resort
April 25, 2016
•[ financial, malware, retail ]
The Grand Sierra Resort is the latest hospitality entity to disclose a data breach involving customers' credit card information. In this case, there appear to be two time frames during which cards used at their food and retail locations may have been compromised; for a one-month period in 2014 and again during a 5-month period in 2015.
Foodora
April 22, 2016
•[ leak, retail ]
In April 2016, the online food delivery service Foodora suffered a data breach which was then extensively redistributed online. The breach included the personal information of hundreds of thousands of customers from multiple countries including their names, delivery addresses, phone numbers and passwords stored as either a salted MD5 or a bcrypt hash.
Hi-Tec Sports
March 11, 2016
•[ hack, misconfiguration, retail ]
Hi-Tec Sports notifies customers about a compromise affecting its online ordering system and payment card data.
1-800-FLOWERS
March 8, 2016
•[ hack, retail ]
1-800 Flowers sends out data breach letters notifying customers that a hacker might have stolen their personal information.
Rosen Hotels & Resorts
March 4, 2016
•[ financial, malware, retail ]
US chain Rosen Hotels & Resorts is the latest to confirm a malware-based breach of its payment processing systems. The breach covered an extended period between September 2, 2014 to February 18, 2016.
RubberStamps
February 25, 2016
•[ hack, retail ]
RubberStamps.net notifies about 7,000 customers that its web site was compromised
techfactory
February 17, 2016
•[ hack, retail ]
Bravewanderer hacks techfactory.net and dumps 15,601 usernames and clear text passwords.
Alibaba Group's TaoBao
February 5, 2016
•[ hack, retail ]
Local media report that hackers in China have attempted to access over 20 million active accounts on Alibaba Group's Taobao e-commerce website.
