Hackers Just Stole Credit Card Data From 5 Million Saks And Lord & Taylor Shoppers

Large scale hacks at major retailers have become almost commonplace in our modern world. Today, the victims are Saks Fifth Avenue and Lord & Taylor. Hackers reportedly installed software on cash registers that delivered credit card information every time someone made a purchase. More than five million people’s cards were compromised before the program was noticed.

Gemini Advisory, a cyber-security company, was the first to spot and report the breach. They claim a cyber crime syndicate known as Fin7 was responsible for the hacking and has already put 125,000 stolen credit card numbers on sale on the dark web. Russia-based Fin7 is the same group that hacked Whole Foods, Chipotle, Omni Hotels & Resorts, and Trump Hotels. The rest of the stolen credit card information should appear online in the coming months, according to the Advisory. 

While five million accounts stolen is nothing to scoff at, this breach at Saks and Lord & Taylor is only the most recent in a long line of even larger hacks. In 2013, 41 million customers’ card information was stolen from Target, 50 million were taken from Home Depot in 2014, and the historic Equifax hacking in 2017 compromised the accounts of 143 million.

Hackers targeted these stores because their price tags make stolen identities harder to detect.

Normally, a sudden expensive purchase is a dead giveaway for a hacked account, but spending a lot of money very quickly isn’t as unusual for customers of Saks Fifth Avenue or Lord & Taylor. The extra time it takes authorities to determine whether an account has been hacked or not can be extremely valuable to cyber criminals.

Both hacked stores are owned by the Hudson Bay Company, who issued a statement:

Once we have more clarity around the facts, we will notify our customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.

If you’ve recently shopped at Saks or Lord & Taylor, financial experts recommend temporarily freezing your account or, at the very least, keeping a close eye on your store card expenditures to make sure your identity hasn’t been compromised. And remember this advice, because it will surely come in handy during the next major hacking, which could be anytime now.

H/T – Mashable, CNN Money