WASHINGTON — The Department of Homeland Security estimates that over 1,000 U.S. businesses have been infiltrated by malicious point-of-sale software, significantly broadening the scope of known cyber attacks that hit Target and Neiman Marcus stores in the past year and thrust the issue into the national spotlight, spawning several Congressional probes and hearings.
In an advisory released Friday, the federal agency notified companies about the expanded scope of data security breaches and urged them to “proactively check for possible point-of-sale malware infections.”
Seven POS systems providers or vendors have confirmed security breaches, which have affected “multiple” clients, the agency said.
“Reporting continues on additional compromised locations, involving private sector entities of all sizes, and the Secret Service currently estimates that over 1,000 businesses are affected,” said the agency.
The agency said one particular family of malware, dubbed “Backoff,” was detected in October 2013 but was not recognized by antivirus software solutions until this month, and has “likely infected many victims who are unaware that they have been compromised.”
The National Cybersecurity and Communications Integration Center and U.S. Secret Service issued an advisory on July 31 regarding “Backoff” POS malware that officials said was “exploiting” business payment systems remotely and stealing consumer payment data.
Federal officials said the malware has the ability to scrape memory for track data, log keystrokes, command and control communication and insert “malicious stub” into explorer.exe files.
The agency recommended that companies contact their IT teams, antivirus vendors, managed service providers and POS system vendors to assess whether their systems have been comprised or are vulnerable. The Secret Service is currently contacting impacted businesses, and local offices are fielding calls from victims of the malware.
The massive data security breach at Target Corp. during the holiday shopping season last year, followed by another publicized breach in early January at Neiman Marcus Group Ltd. LLC has raised alarm in the industry, spurring more scrutiny from federal officials and lawmakers on Capitol Hill and industry collaboration and initiatives to protect consumers’ personal and financial data and combat the security breaches and cyber crimes.
Target initially said 40 million consumers who shopped in its U.S. stores between Black Friday and Dec. 15 may have had information stolen from their credit or debit cards. The retailer subsequently learned and disclosed in January that certain consumer data separate from the credit card information was also stolen, and raised the number of potentially affected customers to 100 million. Neiman Marcus disclosed in January that 1.1 million payment cards may have been compromised in its data security breach.
The unprecedented data breach at Target was considered a factor that contributed to the early exit of Gregg Steinhafel as chairman, president and chief executive officer in May. The data security breach is believed to have reduced the level of holiday gift shopping at the chain during a critical business period.
The breach also prompted Target to step up initiatives on security enhancement. The retailer, which has been working toward adopting chip and PIN technology for the last decade, said it has accelerated its $100 million investment to put the technology in place by 2015. Target is working with MasterCard on a new initiative to enable Target-branded credit and debit cards with MasterCard’s chip and PIN solution. The retailers is moving its Red card portfolio to the new technology and installing supporting software and next-generation payment devices in its stores. The new payment terminals will be in all 1,797 U.S. stores by September, six months ahead of schedule.
From overseeing America’s fastest-growing speciality retailers to codifying cool, WWD talked to the women who are leading the way for the future of beauty. Check out our Instagram Stories to see how these women built today and are creating tomorrow. (📸: @hannah_khymych) #wwdbeauty
For @laperlalingerie's spring 2018 show, the brand chose to host their event at @thevenetianmacao. With Chinese megastars @bingbing_fan and @hubing in attendance, La Perla debuted a rock ‘n’ roll-inspired collection. The show marked the start of Sands Macao Fashion Week, which runs from October 19 to 24 — the city’s first such event. Pictured here are models backstage with glimmering eyes. #wwdfashion (📷: Cheuk-Yin To)
Trending for spring 2018: top stitch design. Gone are the days of stitch just for seams — designers are using the once-minimal detail to create strong decorative elements. (📷: Paola Testa; Styled by @andrew_shang) #wwdfashion
@tradesy is turning the concept of a showroom upside down with its new space in Santa Monica. Here, the company plans to hold events, art exhibits and a showcase rare fashion pieces like this Louis Vuitton boxing set. Get all the details on Tradesy’s first showroom on WWD.com. #wwdnews
Spotted last night at the @erdem x @hm launch event: Kate Bosworth, Rashida Jones, Kirsten Dunst and Selma Blair. The party, which took place in LA, also marked the opening of their pop-up shop. “I was interested in creating a collection that wasn’t in any way disposable. It was about pieces you’d create and keep forever, things that have a permanence to it,” designer Erdem Moralioglu said. #wwdeye (📷: Katie Jones)
Renee Zellweger in yellow in 2001 and again in 2017. Chosen as one of the 12 @pantone Leading Spring Colors (and dubbed “Meadowlark”), it only makes sense that the bright hue stands the test of time and is making a resurgence this season, seen already on stars like @blakelively and @gigihadid. (📷: Donato Sardello & @rexfeatures) #wwdfashion #tbt
Dior’s 70th anniversary celebration continues with a new exhibition at the Royal Ontario Museum in Toronto. “Christian Dior,” which is scheduled to run through March 18, takes a look at the founders tenure from 1947 to 1057 and feature 40 designs. Pictured here is an evening gown from the Ailée, fall 1948-49 haute couture collection. #wwdfashion (📷: Brian Boyle)