Latest Data Breaches Hit FIs, Retailers (Oct. 14, 2014)
Data breaches continue to hit some of the U.S.’s largest corporations, with a spate of financial institutions and retailers announcing incidents over the past two weeks. On Oct. 2, JPMorgan Chase said it had been the victim of a cyberattack this summer that compromised the names, addresses, email addresses and phone numbers of 76 million households and 7 million small businesses—the largest-ever reported attack of its kind. In a filing with the SEC, JPMorgan said hackers operating overseas were behind the June breach, but there was no evidence that any account passwords or Social Security numbers were among the compromised data, nor was there any sign of fraud stemming from the breach. Soon after the JPMorgan announcement, it was reported that nine other banks suffered similar data breaches, with the same group of Russia-based hackers likely responsible.
In the retail sector, Kmart last week revealed that its security team discovered malware installed on its payment data systems in early September, exposing customer payment card numbers. The retailer said there was no evidence of any PINs or personal data being exposed and that the malware had been removed. Kmart is offering free credit monitoring protection to affected customers. Also last week, Dairy Queen announced that nearly 400 of its locations had been infected with malware. The company said the breach was the result of a third-party vendor’s account credentials being compromised, enabling cybercriminals to access the stores’ systems.
See related stories: