Cybercriminals have obtained more than five million credit & debit card numbers from customers of Saks Fifth Avenue and Lord & Taylor. The data was stolen using software that was implanted into the cash register systems at the stores. The investigation continues, but its e-commerce platform appears to not have been affected by the breach. However, the company has not stated how may customer accounts or stores were affected by the attack. This theft is one of the largest known breaches of a retailer and demonstrates how hard it is to secure credit-card transaction systems.
It was found that a group of Russian-speaking hackers known as Fin7 or JokerStash posted online that it had obtained a cache of five million stolen card numbers. Fin7 did not state where the numbers had been obtained. It is unclear how the malware was installed in the stores checkout systems, but it was stated that it was most likely from phishing emails.
Click here for the link.