Report: Holiday Hackers Attacked At Least Three Other Major Retailers

Illustration for article titled Report: Holiday Hackers Attacked At Least Three Other Major Retailers

If you thought you dodged a bullet during Target and Neiman Marcus' holiday data breaches, you might want to sit down. According to a Reuters report published early this morning, at least three other well-known U.S. retailers were hacked, too.

Unfortunately, we don't know which retailers yet—only that they're "well-known" and common in malls—but the perpetrators might be the same dudes who hacked Target and Neiman Marcus, which experienced a similar breach in December.


According to the report, the hackers likely hail from Eastern Europe—and it turns out they staged a series of "trial" hacks that took place in late November. Those attacks were used to help plan the larger operation in December, using a technique called "RAM scraping:"

One of the pieces of malware they used was something known as a RAM scraper, or memory-parsing software, which enables cyber criminals to grab encrypted data by capturing it when it travels through the live memory of a computer, where it appears in plain text, the sources said.

Legal snarls complicate informing customers, and credit card companies aren't allowed to disclose the names of hacked companies until they do so themselves. It sounds as though these new breaches might not be as gargantuan as Target's, which is good. But counting Target and Neiman Marcus alone, the info of roughly 110 million customers has already been stolen. And that number is set to make a huge jump as the Department of Justice investigates these new breaches.

Either way, it's probably just safer to assume your data has been breached—but don't panic—check out our guide to protecting yourself. [Reuters]


Image: Igor Stepovik/Shutterstock.


Share This Story

Get our `newsletter`


Can't wait to find out who this was. Why isn't the law written requiring immediate disclosure?

This is making me rethink using retail ever again.