Accountability, Blog, Data breaches and Retail

Hot Topic Announces Potential Data Breach Due to Stolen Account Credentials

Heimadal Security

AUGUST 2, 2023

The American clothing company Hot Topic announced they identified suspicious login activity on a series of Reword accounts. Hot Topic warns that a data breach might have compromised users` sensitive information. The retail chain has 675 stores across the U.S. and an online shop with roughly 10 million visitors monthly.

Data breaches

Data breaches Accountability Retail Cybersecurity

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Passwords Phishing

T-Mobile Investigating Claims of Massive Data Breach

Krebs on Security

AUGUST 16, 2021

” The intrusion came to light on Twitter when the account @und0xxed started tweeting the details. Reached via direct message, Und0xxed said they were not involved in stealing the databases but was instead in charge of finding buyers for the stolen T-Mobile customer data. . WHO HACKED T-MOBILE?

Mobile

Mobile Data breaches Accountability Wireless

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

5 Things Retailers Should Know About Cybersecurity

Duo's Security Blog

FEBRUARY 16, 2022

With growing concerns around security, ransomware and retail breaches, there are a few key considerations that retailers should keep in mind when it comes to protecting their organizations. Retail’s great “digital transformation” sped up, as did the number of data breaches impacting retail.

Retail

Retail Cybersecurity Data breaches Passwords

Why retailers must adopt a Zero Trust approach during this holiday season

CyberSecurity Insiders

NOVEMBER 4, 2021

This blog was written by an independent guest blogger. Competition has never been fiercer for online retailers, which means it’s not just quality products and customer service that companies must focus on. Today, we’ll delve into the concept of the zero-trust approach and explain why this is the safest option for retailers.

Retail

Retail eCommerce Cyber Attacks Authentication

Freedom Mobile data breach impacts at least 15,000 customers

Security Affairs

MAY 9, 2019

Exposed records include email addresses, phone numbers, home addresses, dates of birth, IP addresses associated with payment methods, credit scores (from Equifax and other companies), unencrypted payment card data with CVV codes, locations, and other customer service records, and account details. All the data was encrypted.

Mobile

Mobile Data breaches Retail Accountability

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

JULY 29, 2020

Whoever compromised the shop siphoned data on millions of card accounts that were acquired over four years through various illicit means from legitimate, hacked businesses around the globe — but mostly from U.S. Although Visa cards made up more than half of accounts put up for sale (12.1 Indeed, three years later the U.S.

Accountability

Accountability Retail Banking Hacking

The Clock is Ticking for PCI DSS 4.0 Compliance

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

Virtually every major financial institution, retailer, and scores of payment processors have been the victims of data breaches, incurring both financial and reputational damage. According to the 2022 Thales Data Threat Report – Financial Services Edition , 52% of U.S. million, second only to healthcare. Requirement 3.2

Financial Services

Financial Services Data breaches Accountability Encryption

A week in security (July 12 – July 18)

Malwarebytes

JULY 19, 2021

Source: Sucuri Blog) Mint Mobile suffered a data breach. Source: BleepingComputer) Guess , the fashion retailer, suffered a breach, too. Source: Gizmodo) Twitter verifying bot accounts raised a lot of questions regarding their process. Source: TechRepublic) Meanwhile, REvil seem to have disappeared.

DNS

DNS VPN Retail Mobile

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Phishing

Phishing Banking Retail Financial Services

The Cost of Doing Nothing

ForAllSecure

FEBRUARY 2, 2021

In security, some may refute that there is “no savings to worry about" if no investment has been made to begin with, arguing that they’ve been “just fine so far” In this blog, we will argue there is a cost in doing nothing. A 2019 Ponemon study revealed that the cost of a data breach is $4.88

Retail

Retail Data breaches Hacking Healthcare

The Cost of Doing Nothing

ForAllSecure

FEBRUARY 2, 2021

In security, some may refute that there is “no savings to worry about" if no investment has been made to begin with, arguing that they’ve been “just fine so far” In this blog, we will argue there is a cost in doing nothing. A 2019 Ponemon study revealed that the cost of a data breach is $4.88

Retail

Retail Data breaches Hacking Healthcare

IAM 101 Series: What Is RBAC?

Security Boulevard

AUGUST 26, 2021

Inappropriate Access Leads to Data Breaches . Inappropriate levels of access granted to employees, contractors, and partners is the leading cause of data loss, theft, and breaches. Global organizations’ state of readiness in the face of all the high-profile breaches does not paint a positive picture.

Data breaches

Data breaches Artificial Intelligence Retail Architecture

Securing the future of payments – what does 2018 have in store?

Thales Cloud Protection & Licensing

DECEMBER 20, 2017

We’re now seeing big data play an increasing role in how retail sales and payments are being tailored to individual consumer’s preferences, and providers are adopting and integrating smarter, more efficient ways of completing the path-to-purchase. appeared first on Data Security Blog | Thales e-Security.

Retail

Retail Marketing Mobile Digital transformation

2018 Thales Data Threat Report, Global Edition: Digital Transformation & Data Security

Thales Cloud Protection & Licensing

JANUARY 25, 2018

First – The breaches. It’s probably no surprise to anyone reading this that organizations are experiencing record data breaches; we hear about the breaches almost daily even in mainstream media. What we capture as part of our data is a bit different, however. Big Data – 99%. And it’s not good news.

Digital transformation

Digital transformation Threat Reports Big data Data breaches

Consumer concerns over GDPR should set alarm bells ringing for businesses

Thales Cloud Protection & Licensing

NOVEMBER 16, 2017

Ahead of the May 2018 legislation, we’ve been asking organisations if they’re #FITforGDPR – whether they’re ready to improve their personal data protections, as well as take on the increased accountability for data breaches, should they occur. As expected, responses have been mixed. A role of responsibility.

Retail

Retail Data breaches Financial Services Healthcare

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. UK fashion retailer FatFace angered customers in its handling of a customer data theft hack. How not to disclosure a Hack. Stay safe and secure.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

Notification no-nos: What to avoid when alerting customers of a breach

SC Magazine

JUNE 11, 2021

Expectations around how corporate America responds to and communicates around data breaches has evolved significantly over the past two decades,” said T.J. When a data breach is discovered, the heat is on the IS/IT department(s) and, in many organizations, there is a culture of blame,” said Winick. Here is a sampling.

Data breaches

Data breaches Media Identity Theft CSO

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Thales Cloud Protection & Licensing

JULY 12, 2018

The use of IoT technologies holds enormous potential in practically every segment of human enterprise – government, banking and finance, healthcare, retail, agriculture, and ecommerce to name a few. But making the IoT work requires trust in the devices and the data they collect. The post Knock, Knock; Who’s There? –

IoT

IoT Data collection Encryption eCommerce

What Retailers Should Know About Cybersecurity This Holiday Season

Duo's Security Blog

DECEMBER 16, 2021

The holiday season is critical for the retail industry in the U.S., The 2021 Identity Fraud Study by Javelin Strategy & Research reports the identity fraud resulted from stolen personally identifiable information (PII) and data breaches. Retail is critical to the U.S. effective in preventing account compromise.

Retail

Retail Cybersecurity Identity Theft Authentication

Retail and Hospitality Trending Holiday Cyber Threats

Duo's Security Blog

DECEMBER 12, 2022

The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) just released the 2022 Holiday Season Cyber Threat Trends report that reveals the most prevalent malware tools leveraged by cyber criminals this year, with phishing and fraud dominating the list.

Retail

Retail Cyber threats Social Engineering Phishing

Breach at Dickey’s BBQ Smokes 3M Cards

Krebs on Security

OCTOBER 15, 2020

KrebsOnSecurity has learned the data was stolen in a lengthy data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country. An ad on the popular carding site Joker’s Stash for “BlazingSun,” which fraud experts have traced back to a card breach at Dickey’s BBQ.

Data breaches

Data breaches Cybercrime Retail Banking

Key Aspects of Data Access Governance in Compliance and Auditing

Centraleyes

MAY 23, 2024

Logging and Audit Trail: Establishing systems to track and register user behaviors and creating an audit trail for accountability are essential steps in establishing accountability. They should also ensure that the company is honest in describing its data collection and access procedures to customers and regulators if needed.

Government

Government Backups Data privacy Accountability

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

At the same time – in fact, as a direct result of data’s central importance – more adversaries are working harder and finding more nefarious ways to steal or otherwise compromise your data. As just one measure, the number of data breaches in the first nine months of 2021 exceeded all those in 2020, a new record.

Encryption

Encryption Data privacy Cloud Migration Risk

Have I Been Pwned is Now Partnering With 1Password

Troy Hunt

MARCH 29, 2018

In an era well before the birth of Have I Been Pwned (HIBP), I was doing a bunch of password analysis on data breaches and wouldn't you know it - people are terrible at creating passwords! I even shutdown accounts I no longer wanted / needed. The Intent of HIBP Has to Remain Beyond Reproach. So now what?

Password Management

Password Management Passwords Data breaches Retail

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales Cloud Protection & Licensing

JULY 11, 2019

What is the General Data Protection Regulation? Breach notifications. The GDPR mandates that a business must inform EU DPAs very quickly (within 72 hours) and thoroughly of any security data breach involving European citizens. Prove accountability to regulators. Ensure privacy and security by design and by default.

Risk

Risk Encryption Accountability Government

MY TAKE: How ‘credential stuffing’ and ‘account takeovers’ are leveraging Big Data, automation

The Last Watchdog

OCTOBER 16, 2019

Related: Cyber risks spinning out of IoT Credential stuffing and account takeovers – which take full advantage of Big Data, high-velocity software, and automation – inundated the internet in massive surges in 2018 and the first half of 2019, according to multiple reports. Hackers count on it.

Big data

Big data Accountability Passwords Digital transformation

Pwned Passwords in Practice: Real World Examples of Blocking the Worst Passwords

Troy Hunt

MAY 29, 2018

I called it "Pwned Passwords" and released 320M of them from real-world data breaches via both a downloadable file and an online service. Seen a password in a data breach before? But the really cool bit was the k-anonymity model devised by Cloudflare which I talk about in that blog post.

Passwords

Passwords Accountability Data breaches Password Management

Cyber Security Informer

Hot Topic Announces Potential Data Breach Due to Stolen Account Credentials

Volvo retailer leaks sensitive files

Webinars

Trending Sources

T-Mobile Investigating Claims of Massive Data Breach

Webinars

5 Things Retailers Should Know About Cybersecurity

Why retailers must adopt a Zero Trust approach during this holiday season

Freedom Mobile data breach impacts at least 15,000 customers

Here’s Why Credit Card Fraud is Still a Thing

The Clock is Ticking for PCI DSS 4.0 Compliance

A week in security (July 12 – July 18)

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

The Cost of Doing Nothing

The Cost of Doing Nothing

IAM 101 Series: What Is RBAC?

Securing the future of payments – what does 2018 have in store?

2018 Thales Data Threat Report, Global Edition: Digital Transformation & Data Security

Consumer concerns over GDPR should set alarm bells ringing for businesses

Cyber Security Roundup for April 2021

Notification no-nos: What to avoid when alerting customers of a breach

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

What Retailers Should Know About Cybersecurity This Holiday Season

Retail and Hospitality Trending Holiday Cyber Threats

Breach at Dickey’s BBQ Smokes 3M Cards

Key Aspects of Data Access Governance in Compliance and Auditing

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

Have I Been Pwned is Now Partnering With 1Password

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

MY TAKE: How ‘credential stuffing’ and ‘account takeovers’ are leveraging Big Data, automation

Pwned Passwords in Practice: Real World Examples of Blocking the Worst Passwords

Stay Connected