WASHINGTON — The Department of Homeland Security estimates that over 1,000 U.S. businesses have been infiltrated by malicious point-of-sale software, significantly broadening the scope of known cyber attacks that hit Target and Neiman Marcus stores in the past year and thrust the issue into the national spotlight, spawning several Congressional probes and hearings.
In an advisory released Friday, the federal agency notified companies about the expanded scope of data security breaches and urged them to “proactively check for possible point-of-sale malware infections.”
Seven POS systems providers or vendors have confirmed security breaches, which have affected “multiple” clients, the agency said.
“Reporting continues on additional compromised locations, involving private sector entities of all sizes, and the Secret Service currently estimates that over 1,000 businesses are affected,” said the agency.
The agency said one particular family of malware, dubbed “Backoff,” was detected in October 2013 but was not recognized by antivirus software solutions until this month, and has “likely infected many victims who are unaware that they have been compromised.”
The National Cybersecurity and Communications Integration Center and U.S. Secret Service issued an advisory on July 31 regarding “Backoff” POS malware that officials said was “exploiting” business payment systems remotely and stealing consumer payment data.
Federal officials said the malware has the ability to scrape memory for track data, log keystrokes, command and control communication and insert “malicious stub” into explorer.exe files.
The agency recommended that companies contact their IT teams, antivirus vendors, managed service providers and POS system vendors to assess whether their systems have been comprised or are vulnerable. The Secret Service is currently contacting impacted businesses, and local offices are fielding calls from victims of the malware.
The massive data security breach at Target Corp. during the holiday shopping season last year, followed by another publicized breach in early January at Neiman Marcus Group Ltd. LLC has raised alarm in the industry, spurring more scrutiny from federal officials and lawmakers on Capitol Hill and industry collaboration and initiatives to protect consumers’ personal and financial data and combat the security breaches and cyber crimes.
Target initially said 40 million consumers who shopped in its U.S. stores between Black Friday and Dec. 15 may have had information stolen from their credit or debit cards. The retailer subsequently learned and disclosed in January that certain consumer data separate from the credit card information was also stolen, and raised the number of potentially affected customers to 100 million. Neiman Marcus disclosed in January that 1.1 million payment cards may have been compromised in its data security breach.
The unprecedented data breach at Target was considered a factor that contributed to the early exit of Gregg Steinhafel as chairman, president and chief executive officer in May. The data security breach is believed to have reduced the level of holiday gift shopping at the chain during a critical business period.
The breach also prompted Target to step up initiatives on security enhancement. The retailer, which has been working toward adopting chip and PIN technology for the last decade, said it has accelerated its $100 million investment to put the technology in place by 2015. Target is working with MasterCard on a new initiative to enable Target-branded credit and debit cards with MasterCard’s chip and PIN solution. The retailers is moving its Red card portfolio to the new technology and installing supporting software and next-generation payment devices in its stores. The new payment terminals will be in all 1,797 U.S. stores by September, six months ahead of schedule.
“My personal philosophy to beauty is paying attention to oneself. I love to be outdoors, lots of fresh air, trying to take care of yourself as best you can. I always notice that comes through,” says Felicity Jones, the global face of @shiseido-owned @cledepeaubeauteus, which launches today. Head to WWD.com to read more about the actress’ love for beauty and how she prepared for her new role in “The Basis of Sex,” playing the young Ruth Bader Ginsburg. #wwdbeauty (📷: @dandoperalski)
For men’s fall 2018, @giuseppezanotti drew on elements from streetwear, sport, biker, combat and rock ‘n’ roll. Pictured here are a pair of shoes from the collection, featuring zippers, rhinestones, and silver hardware. Head to WWD.com to see a roundup of the accessories from Milan’s men’s fall 2018 shows. #wwdfashion (📷: Andrea Delb)
To celebrate the 25th anniversary of @ralphlauren’s snowboarding collection, the brand is mining its archives. The iconic brand is reintroducing vintage styles and dropping new designs for a color capsule that will be available in Ralph Lauren stores and @openingceremony on January 25. The capsule will consist of 10 pieces, including the Snow Beach Pullover, pictured here, which is a collector’s item that rapper Raekwon wore in Wu-Tang Clan’s “Can It Be All So Simple” video. #wwdfashion (📷: Tom Gould)
For @rochasofficial’s pre-fall 2018 collection, creative director Alessandro Dell’Acqua channeled the sophisticated and intriguing Catherine Denevue in the film “Belle de Jour.” Polished collarless coats, midi skirts, suits and ’60s graphic motifs were all featured in the collection, adding a sense of discreet luxury. See the rest of the photos on WWD.com #wwdfashion
“We tried to produce clothing of that couture quality, but the most daunting part was that we only had a matter of days [to do it],” said costume designer Lou Eyrich, who recreated Gianni Versace’s iconic looks for @americancrimestoryfx. Eyrich searched online retailers and vintage shops for original pieces from the design house and for @penelopecruzoficial, who plays Donatella Versace. Head to WWD.com to read how she created the Versace world. #wwdfashion
Only three months after her stellar debut catwalk season, @kaiagerber has inked her first big design collaboration –– with @karllagerfeld. The collection blends Lagerfeld’s Parisian chic aesthetic and the model’s signature West Coast casual style via RTW, accessories, footwear and more. The #KarlLagerfeldxKaia collection will launch in September with a series of events. Get all the details on WWD.com. #wwdnews #wwdfashion
Harrods plans to remove the famous statue of Princess Diana and Dodi Al Fayed from the bottom of the Egyptian escalators and hand it back to Mohamed Al-Fayed. “We are very proud to have played our role in celebrating the lives of Diana, Princess of Wales and Dodi Al Fayed at Harrods and to have welcomed people from around the world to visit the memorial for the past 20 years,” said Michael Ward, Harrods managing director. “With the announcement of the new official memorial statue to Diana, Princess of Wales at Kensington Palace, we feel that the time is right to return this memorial to Mr. Al Fayed and for the public to be invited to pay their respects at the palace.” More on the news, with reporting by @loreleimarfil, at WWD.com. #wwdnews