SourcingDec 27, 2024
IDCA Announces 2025 Board MembersManoj Bhandari, a principal of RMC Gems Inc., is the new president of the Indian Diamond & Colorstone Association.
MajorsApr 03, 2018
Saks, Lord & Taylor the Latest Hit by Hackers
They reportedly gained access to the retailers’ cash register systems to steal payment card data from more than 5 million customers.
Hudson’s Bay Company announced Sunday that hackers had gained access to the debit and credit card numbers of customers at two of its retailers--Lord &Taylor and Saks.
New York--Saks Fifth Avenue and sister retailer Lord & Taylor just joined the long list of large companies that have been hacked.
On Sunday, parent company Hudson’s Bay Co. issued a short statement confirming that it had become aware of a “data security issue” involving the credit and debit card numbers of customers who shopped at certain Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America.
While the investigation is ongoing, HBC said it doesn’t appear the breach impacted customers who shopped at any of its other stores or online, including on Gilt.com.
“The company deeply regrets any inconvenience or concern this might cause,” the statement reads. “Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”
HBC did not release any specifics about the number of consumers or location of stores impacted, but in a blog post also published Sunday, Gemini Advisory pinned the attack on a cybercrime syndicate known as JokerStash or Fin7.
The cybersecurity research firm said Fin7 announced March 28 it would be releasing for sale more than 5 million stolen debit and credit card numbers on the dark web, and already has put about 125,000 out there.
Fin7 didn’t say where it obtained the numbers, but Gemini said it confirmed with a “high degree of confidence” that the numbers came from Saks Fifth Avenue and Lord & Taylor. It estimated the breach occurred between May 2017 and now, impacting all Lord & Taylor and 83 Saks stores mainly in New York and New Jersey.
The research firm said it is “among the most significant credit card heists in modern history.”
A spokesperson for HBC declined to comment on Gemini’s statement.
Cybercrime is a growing problem for retailers, including retail jewelers.
In its recently released annual crime report for 2017, the Jewelers Security Alliance noted a “large dollar increase” in thefts by deception and impersonation made possible by the internet, with the average loss from this type of incident topping $1 million.
JSA President John J. Kennedy called it a “dangerous and growing crime trend” for the industry.
On Monday, he offered a number of cybersecurity tips for retailers. Some, he noted, might involve hiring an IT consulting firm.
Kennedy said retailers need to have proper firewalls and up-to-date anti-malware software for all systems, and they need to avoid visiting “questionable and risky sites.”
Jewelers
also need to educate their staff on the common mistakes made that let hackers in.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
More on Majors
The Latest
Events & AwardsDec 27, 2024
18 Designers Graduate from WJA’s Jewelry Loupe ProjectThe designers participated in a six-month business development and mentorship program to develop and launch their jewelry collections.
MajorsDec 24, 2024
Boucheron Bets on Las VegasThe brand has opened its second U.S. location in the Fontainebleau resort and casino.
Brought to you by
A Diamond Is Forever Celebrates "Forever Present" Holiday CampaignA Diamond is Forever hosted a holiday celebration in honor of their new marketing campaign, ‘Forever Present.’
EditorsDec 24, 2024
The Spectrum Jewels I Want to Find Under the Tree Associate Editor Lauren McLemore highlights pieces from the AGTA Spectrum & Cutting Edge Awards she’d be thrilled to unwrap on Christmas.
Weekly QuizDec 27, 2024
This Week’s QuizTest your jewelry news knowledge by answering these questions.
SourcingDec 24, 2024
Gemfields to Temporarily Suspend Emerald MiningThe move is one of several cost-cutting measures outlined by the company as it faces a weaker luxury market and other challenges.
IndependentsDec 23, 2024
Philadelphia 76ers’ Tyrese Maxey Stars in The 1916 Company’s New CampaignThe retailer’s “On the Clock” campaign celebrates how time, precision, and purpose come together.
Brought to you by
De Beers Group Launches Holiday Campaign for Natural Diamonds‘Forever Present’ campaign revives the iconic A Diamond is Forever tagline and celebrates the diamond dream.
EditorsDec 23, 2024
My Favorite Piece of the Week Jewels of 2024Associate Editor Natalie Francisco chose her 12 favorite Piece of the Week picks from the year gone by.
GradingDec 23, 2024
GIA Adds Filler Identification to Emerald ReportsLab clients have the option to request this addition on their emerald reports.
Events & AwardsDec 20, 2024
Two Participants Complete Inaugural Ella Klein InternshipJamie Dunton and Gabriella Botelho are the first graduates of the program, created by the WJA Foundation and Julius Klein Diamonds.
CollectionsDec 20, 2024
Piece of the Week: Retrouvaí’s Ring for CharityIn the spirit of giving, Retrouvaí will donate $4,000 from the sale of this ring to the Los Angeles Regional Food Bank.
IndependentsDec 19, 2024
Michigan’s DeVries Jewelers Unveils New Location in Time for the HolidaysCo-owner Dan DeVries shared what it’s like moving into a space triple the size of its old store and how it feels to be a “real jeweler” now.
CollectionsDec 19, 2024
State Property Transforms Spain’s Generalife Gardens into JewelryAlong with the latest “Gardens” collection, the brand has released limited-edition designs offering more indulgent pieces.
CrimeDec 19, 2024
Alleged Jewelry Thieves Attempt Rowboat EscapeThe man and woman are accused of stealing jewelry from a shipping container then trying to flee by paddling a small boat out into a bay.
SourcingDec 19, 2024
The Second-Largest Diamond Ever Found Now Has a Name The 2,488-carat diamond recovered from a mine in Botswana has been dubbed “Motswedi” while its 1,094-carat sibling is “Seriti.”
SourcingDec 19, 2024
Gemfields Reports Record Ruby Auction Results Despite Challenges at SourceThe average price per carat hit a record high for the miner, which said it remains unaffected by the conflict in Mozambique.
AuctionsDec 18, 2024
Alexandrite Ring Sells for Record-Setting $1.9M at Sotheby’sThe nearly 17-carat stone made history for the color-change gem that, according to the auction house, is experiencing a “notable surge” in the market.
WatchesDec 18, 2024
Historic Titanic Pocket Watch Winds Its Way Back to Tiffany & Co. More than a century after survivors gifted a Tiffany timepiece to the captain of the ship that rescued them, the jeweler has reclaimed it.
TechnologyDec 18, 2024
Picchiotti Utilizes AI in ‘Spotlight’ Video CampaignThe videos highlight how pieces from the “Xpandable” and “Reversible Xpandable” collections put the wearer in the spotlight.
IndependentsDec 18, 2024
Industry Veteran Steve Feldman Set to RetireFeldman reflected on 45 years in the jewelry industry and clarified that it’s not a total retirement.
Events & AwardsDec 17, 2024
Chanel to Receive Gem Award for High Jewelry ExcellenceThe luxury brand is being honored for excellence in high jewelry design in its “Haute Joaillerie Sport” collection.
SourcingDec 17, 2024
Frank Circelli, Founder of Gem Shopping Network, Dies at 75Circelli was a pioneer in the world of TV shopping who is remembered for his passion for gemstones and his big personality.
AuctionsDec 17, 2024
Blue Diamond Fetches $8.8M at Christie’sThe nearly 6-carat stone headlined the recent jewelry auction, which also featured Mica Ertegun’s jewelry.
CrimeDec 17, 2024
‘Black Bin Crew’ Robbers Get 14-16 Years in Prison The three men, who got their nickname because they’d toss the jewelry they stole into black plastic bins, were arrested back in August.
TrendsDec 16, 2024
Marion Fasel’s New Book Delves Into the History of Engagement Rings“The History of Diamond Engagement Rings: A True Romance” is a 128-page small-format book containing more than 165 images.
WatchesDec 16, 2024
Take a Look Inside the New Rolex Boutique on Rodeo DriveGearys opened a 6,200-square-foot Rolex store with a design that pays homage to the brand’s connection to the ocean.
