- Bank Financial Data Breach Affects 32 Lakh Debit Card Holders: Report. From News18.
Around 32 lakh debit card holders in India have been affected by one of the largest ever breaches of financial data in the country, Economic Times reported today.
Customers of the State Bank of India, HDFC Bank, ICICI Bank, YES Bank and Axis Bank are among those affected and the banks will either replace their cards or ask them to change their security codes.
The fraudsters were able to steal information by way of malware introduced to Hitachi Payment Services, which provides ATM and point of sale services.
- Trump hotel chain fined over data breaches. From ComputerWorld.
Trump Hotel Collection has arrived at a settlement with New York Attorney General Eric T. Schneiderman over hacks that are said to have led to the exposure of over 70,000 credit card numbers and other personal data.
The hotel chain, one of the businesses of Republican presidential candidate Donald Trump, has agreed to pay $50,000 in penalties and promised to take measures to beef up its data security practices, according to the attorney general’s office.
The chain is one of many hotels and retailers that have been hit recently by malware that skimmed payment card information.
Kimpton Hotels Acknowledges Data Breach. Kimpton Hotels on Wednesday formally acknowledged that malware found on payment terminals in many of its hotels and restaurants may have compromised credit/debit cards of guests who patronized the properties in the first half of this year. The disclosure comes more than a month after KrebsOnSecurity first contacted to the company about a possible credit card breach across most of its locations.
Malware Infected All Eddie Bauer Stores in U.S., Canada. From KrebsOnSecurity. Clothing store chain Eddie Bauer said today it has detected and removed malicious software from point-of-sale systems at all of its 350+ stores in North America, and that credit and debit cards used at those stores during the first six months of 2016 may have been compromised in the breach. The acknowledgement comes nearly six weeks after KrebsOnSecurity first notified the clothier about a possible intrusion at stores nationwide.
Data Breach At Oracle’s MICROS Point-of-Sale Division. From KrebsOnSecurity.
A Russian organized cybercrime group known for hacking into banks and retailers appears to have breached hundreds of computer systems at software giant Oracle Corp., KrebsOnSecurity has learned. More alarmingly, the attackers have compromised a customer support portal for companies using Oracle’s MICROS point-of-sale credit card payment systems.
Asked this weekend for comment on rumors of a large data breach potentially affecting customers of its retail division, Oracle acknowledged that it had “detected and addressed malicious code in certain legacy MICROS systems.” It also said that it is asking all MICROS customers to reset their passwords for the MICROS online support portal.
- Cicis Restaurant Chain Data Breach. From Cicics.com. While this matter is still under investigation, we wish to report what we currently know. In early March of 2016, we received notice from several of our restaurant locations that their Point of Sale (POS) systems were not working properly. Our POS Vendor began an investigation to assess the problem and initiated heightened security measures. When the POS Vendor found malware on the POS software at some Cicis restaurants, we immediately began a restaurant by restaurant data security review and remediation.
Omni Hotels Warns of Data Breach. From Wall Street Journal. Omni Hotels & Resorts warned customers Friday that hackers stole payment-card information from the hotel chain by gaining access to its point-of-sale systems and installing malicious software. The “malware may have operated between December 23, 2015, and June 14, 2016, although most of the systems were affected during a shorter time frame,” the company said on its website on Friday. Omni said 49 of its 60 North American hotels were affected. The company said it learned of the breach on May 30.
Slicing Into a Point-of-Sale Botnet. From KrebsOnSecurity. Last week, KrebsOnSecurity broke the news of an ongoing credit card breach involving CiCi’s Pizza, a restaurant chain in the United States with more than 500 locations. What follows is an exclusive look at a point-of-sale botnet that appears to have enslaved dozens of hacked payment terminals inside of CiCi’s locations that are being relieved of customer credit card data in real time.
Wendy’s Admits Data Breach Was Worse Than It Originally Thought. From eWeek. It’s often difficult for an organization to initially fully understand the impact of a breach, and such was the case with one suffered by the Wendy’s Co. and its chain of quick-serve restaurants. On June 9, Wendy’s publicly stated that a breach that in May it first admitted happened was worse than initially reported.