High-end retailers Saks Fifth Avenue and Lord & Taylor are acknowledging that they were the victims of a data breach going back to May of 2017, discovered on March 28, 2017, in which as many as five million credit cards and debit cards used at locations of these stores throughout the country were stolen. The first 125,000 of the stolen credit cards are already being sold on the Dark Web website JokerStash. Selling only a portion of the stolen cards at any one time is a common tactic used by hackers, both to avoid saturating their market with too many cards at once, which could reduce the price they could get per card, and to make it harder for banks that follow Dark Web websites such as JokerStash to readily identify the cards as being involved in the data breach. Banks do a good job of monitoring fraudulent credit card use when a person’s credit card is used in an uncharacteristic manner. That makes this particular data breach more troublesome: purchases of high tech electronics and other expensive goods using stolen credit cards may be compatible with the shopping habits of the people whose cards were stolen, making it more difficult to stop the fraud in its early stages. Expensive goods such as jewelry and high tech electronics are favorites of hackers, who buy these products and then sell them on the black market to convert them into cash.
It has not yet been determined how the data breach was accomplished, although it is theorized that malware was downloaded through spear phishing emails into the computer system and credit card processing equipment of Saks and Lord & Taylor. The Wall Street Journal is reporting that both of these store chains had switched their credit card processing equipment to the more secure EMV chip credit card processing equipment which, if operating properly, should have prevented access to the shopper’s credit or debit card number at the time of the sale. It may well be that various locations of the two stores had not yet switched over to the safer EMV chip card processing equipment, which generates a unique number for every transaction rather than using the static card number. It can be expected that more information about this aspect of the data breach will come out soon.
Certainly, if you were a customer of either store since May of 2017, you should check your credit card statement carefully on a regular basis, and if you used a debit card, you should monitor the account to which your card is tied very frequently for indications of fraud. This is another opportunity to remind everyone to restrict the use of your debit card to ATMs and not to use it for retail purchases, because the laws that protect you from fraudulent use of your debit card are not as strong as those that protect you in the event of the fraudulent use of your credit card. Also, because data breaches in which credit card and debit card information is stolen are so common, everyone should regularly monitor their credit card statements and the bank accounts to which their debit cards are tied to look for evidence of fraudulent charges.
Both stores have indicated that once the circumstances surrounding the data breach have become clearer, they will be offering free identity protection services including credit and web monitoring. I will keep you informed as to new developments in this story.