WASHINGTON — The Department of Homeland Security estimates that over 1,000 U.S. businesses have been infiltrated by malicious point-of-sale software, significantly broadening the scope of known cyber attacks that hit Target and Neiman Marcus stores in the past year and thrust the issue into the national spotlight, spawning several Congressional probes and hearings.
In an advisory released Friday, the federal agency notified companies about the expanded scope of data security breaches and urged them to “proactively check for possible point-of-sale malware infections.”
Seven POS systems providers or vendors have confirmed security breaches, which have affected “multiple” clients, the agency said.
“Reporting continues on additional compromised locations, involving private sector entities of all sizes, and the Secret Service currently estimates that over 1,000 businesses are affected,” said the agency.
The agency said one particular family of malware, dubbed “Backoff,” was detected in October 2013 but was not recognized by antivirus software solutions until this month, and has “likely infected many victims who are unaware that they have been compromised.”
The National Cybersecurity and Communications Integration Center and U.S. Secret Service issued an advisory on July 31 regarding “Backoff” POS malware that officials said was “exploiting” business payment systems remotely and stealing consumer payment data.
Federal officials said the malware has the ability to scrape memory for track data, log keystrokes, command and control communication and insert “malicious stub” into explorer.exe files.
The agency recommended that companies contact their IT teams, antivirus vendors, managed service providers and POS system vendors to assess whether their systems have been comprised or are vulnerable. The Secret Service is currently contacting impacted businesses, and local offices are fielding calls from victims of the malware.
The massive data security breach at Target Corp. during the holiday shopping season last year, followed by another publicized breach in early January at Neiman Marcus Group Ltd. LLC has raised alarm in the industry, spurring more scrutiny from federal officials and lawmakers on Capitol Hill and industry collaboration and initiatives to protect consumers’ personal and financial data and combat the security breaches and cyber crimes.
Target initially said 40 million consumers who shopped in its U.S. stores between Black Friday and Dec. 15 may have had information stolen from their credit or debit cards. The retailer subsequently learned and disclosed in January that certain consumer data separate from the credit card information was also stolen, and raised the number of potentially affected customers to 100 million. Neiman Marcus disclosed in January that 1.1 million payment cards may have been compromised in its data security breach.
The unprecedented data breach at Target was considered a factor that contributed to the early exit of Gregg Steinhafel as chairman, president and chief executive officer in May. The data security breach is believed to have reduced the level of holiday gift shopping at the chain during a critical business period.
The breach also prompted Target to step up initiatives on security enhancement. The retailer, which has been working toward adopting chip and PIN technology for the last decade, said it has accelerated its $100 million investment to put the technology in place by 2015. Target is working with MasterCard on a new initiative to enable Target-branded credit and debit cards with MasterCard’s chip and PIN solution. The retailers is moving its Red card portfolio to the new technology and installing supporting software and next-generation payment devices in its stores. The new payment terminals will be in all 1,797 U.S. stores by September, six months ahead of schedule.
Supermodel @helenachristensen teamed up with longtime friend and designer @camillastaerk on a joint @paredeyewear collaboration. The lineup features three styles and 11 offerings, all of which embody a vintage feel. Get all the details on how they celebrated the collab on WWD.com. #wwdaccessories #wwdeye (📷: @slovekinpics)
“It’s a hard industry to keep motivated, as well, so finding different subjects and people is what makes it worth it – when you’re like, oh, I’ve met great people, I feel like I’ve done something good, and I feel proud of having done this,” said French actress Stacy Martin on being grateful for the variety of roles she’s take on. Read @ktauer’s full interview with Martin on her her latest film “Godard Mon Amour.” #wwdeye (📷: @danieldorsa)
After showing in front of the Eiffel Tower for his last two women’s ready-to-wear collection, it looks like @anthonyvaccarello may be heading to the Big Apple. Sources say the designer will stage his next @ysl show in NYC on June 6. Get all the details on WWD.com. #wwdnews #wwdfashion (📷: @aitorrosasphoto)
EXCLUSIVE: Two and half months after John Targon, cofounder and codesigner of Baja East, was hired as creative director of the contemporary division at Marc Jacobs, he has left the company, WWD has learned. Marc Jacobs International, which is owned by LVMH Moët Hennessy Louis Vuitton, confirmed Targon’s departure in a statement: “John Targon is a talented designer and we appreciate the work he has done here. Ultimately working together did not make sense for the brand and we wish him the best.” Read the story by @jessiredale, link in bio. #wwdnews
@theluxurycollection is officially launching a collection, tapping Sofia Sanchez de Betak for the capsule. Over 30 styles will be featured in the Chufy x The Luxury Collection, debuting next month at Bergdorf Goodman, The Webster, FiveStory and more. De Betak, known as “@chufy,” drew inspiration for the collection from her trips to Japan in the past year #wwdfashion
@lhd, founder and CEO of @thewebster, has teamed up with @lebonmarcherivegauche for the European launch of her ready-to-wear line, LHD. The launch will come with an exclusive pop-up opening today that’s set to run through May 20. Located on the second floor, it carries her debut Miami-themed resort collection, launched in November as see-now-buy-now. #wwdfashion