Skip to main content

Monday, April 9, 2018

Today's Message

Posted: Thursday, April 5, 2018

Information Security Awareness: Phishing Blamed for Latest Reported Breaches at Saks, Lord & Taylor

A data breach at department store chains Saks Fifth Avenue and Lord & Taylor began about a year ago and was discovered when another organization found stolen credit and debit card numbers being sold on the dark web. Parent company Hudson's Bay conducted forensics to determine how the cards were stolen.

How did the criminals get access to the card numbers? By phishing the employees at Saks and Lord & Taylor. Some employees clicked on attachments and downloaded malware, which ran undetected.

Read the story in the Guardian.

Takeaways

  • A breach may not be detected for a year or more. Forty-eight out of 50 states have specific breach notification laws. Know your rights. NYS breach notification law
  • Credit card information isn't always sold as soon as it's stolen. Criminals sometimes wait a while before acting on harvested data.
  • Use credit cards instead of debit cards for transactions. Consumers are liable only for the first $50 of a stolen credit card, but most debit cards don’t have that protection.
  • Be wary of every e-mail you receive. Closely examine each message, and don't react before you think about what you are being asked to do.
  • Regularly check https://haveibeenpwned.com.

Protect our campus by protecting yourself. And protect yourself at all times.

Submitted by: Melissa J. Miszkiewicz
Also appeared:
Monday, April 9, 2018
Loading