IndependentsMar 06, 2025
Wixon Jewelers to Close After 37 YearsFirst-generation jewelers Dan and Hope Wixon are retiring and will close their Minneapolis-area jewelry store in May.
MajorsApr 03, 2018
Saks, Lord & Taylor the Latest Hit by Hackers
They reportedly gained access to the retailers’ cash register systems to steal payment card data from more than 5 million customers.
Hudson’s Bay Company announced Sunday that hackers had gained access to the debit and credit card numbers of customers at two of its retailers--Lord &Taylor and Saks.
New York--Saks Fifth Avenue and sister retailer Lord & Taylor just joined the long list of large companies that have been hacked.
On Sunday, parent company Hudson’s Bay Co. issued a short statement confirming that it had become aware of a “data security issue” involving the credit and debit card numbers of customers who shopped at certain Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America.
While the investigation is ongoing, HBC said it doesn’t appear the breach impacted customers who shopped at any of its other stores or online, including on Gilt.com.
“The company deeply regrets any inconvenience or concern this might cause,” the statement reads. “Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”
HBC did not release any specifics about the number of consumers or location of stores impacted, but in a blog post also published Sunday, Gemini Advisory pinned the attack on a cybercrime syndicate known as JokerStash or Fin7.
The cybersecurity research firm said Fin7 announced March 28 it would be releasing for sale more than 5 million stolen debit and credit card numbers on the dark web, and already has put about 125,000 out there.
Fin7 didn’t say where it obtained the numbers, but Gemini said it confirmed with a “high degree of confidence” that the numbers came from Saks Fifth Avenue and Lord & Taylor. It estimated the breach occurred between May 2017 and now, impacting all Lord & Taylor and 83 Saks stores mainly in New York and New Jersey.
The research firm said it is “among the most significant credit card heists in modern history.”
A spokesperson for HBC declined to comment on Gemini’s statement.
Cybercrime is a growing problem for retailers, including retail jewelers.
In its recently released annual crime report for 2017, the Jewelers Security Alliance noted a “large dollar increase” in thefts by deception and impersonation made possible by the internet, with the average loss from this type of incident topping $1 million.
JSA President John J. Kennedy called it a “dangerous and growing crime trend” for the industry.
On Monday, he offered a number of cybersecurity tips for retailers. Some, he noted, might involve hiring an IT consulting firm.
Kennedy said retailers need to have proper firewalls and up-to-date anti-malware software for all systems, and they need to avoid visiting “questionable and risky sites.”
Jewelers
Editors' Picks
Sponsored by
also need to educate their staff on the common mistakes made that let hackers in.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
More on Majors
The Latest
CollectionsMar 06, 2025
Guzema, 3.1 Phillip Lim Collab on New ‘Snake’ DesignsThe limited-edition collection, a nod to the Year of the Snake, is Ukrainian brand Guzema’s first partnership with a U.S. brand.
IndependentsMar 06, 2025
Stephen Barnes Is the New Owner of IJOAfter more than 50 years, Jeff Roberts is handing over ownership of the organization to IJO President Stephen Barnes.
Brought to you by
Have a Plan for EmergenciesEmergencies can happen anytime, anywhere , and Jewelers of America has what you need to be prepared for it all.
Events & AwardsMar 06, 2025
Borsheims’ ‘Ike-It’ Award Goes to JewelerSenior Jeweler Jay Wolff was named employee of the year.
Weekly QuizMar 06, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
AuctionsMar 05, 2025
Sotheby's To Auction 51 ‘Alien’ WatchesThe upcoming “Area_51” watch sale is a collaboration with heist-out, featuring vintage and modern timepieces with futuristic designs.
Events & AwardsMar 05, 2025
92NY Accepting 2025 Jewelry Artist Residency ApplicationsThe application period is now open for established and emerging jewelers and metalsmiths to apply to the month-long residency program.
Brought to you by
A Diamond ETF is the Way to Reinvigorate Natural Diamond SalesThe jewelry industry faces challenges from lab-grown diamonds. A diamond ETF can restore natural diamonds' value and drive investor demand.
CrimeMar 04, 2025
4 Suspects Arrested in Fatal Armed Robbery of California Jewelry Store Uc Thí Vo, who co-owned Kim Tin Jewelry in Sacramento with her husband of 40 years, was killed during the November 2024 robbery.
CrimeMar 04, 2025
NYC Diamond Dealer Pleads Guilty to Lab-Grown Diamond SwapsManashe Sezanayev pleaded guilty to grand larceny and is expected to receive five years’ probation when he’s sentenced in May.
TrendsMar 04, 2025
Amanda’s Style File: Peaceful and Powerful AquamarineThe March birthstone pairs perfectly with hues of Mocha Mousse, Pantone’s Color of the Year for 2025.
ColumnistsMar 04, 2025
The Smart Lab: Using Online Events to Supercharge Sales Emmanuel Raheb shares strategies to prepare for, publicize, and engage the audience during events on platforms like TikTok and Zoom.
EditorsMar 03, 2025
Drop Necklaces, Archival Pieces Take Over at the 2025 OscarsFrom Doja Cat to Mikey Madison and Selena Gomez, many of this year’s Academy Awards attendees donned drop necklaces.
Policies & IssuesMar 03, 2025
Customs Indefinitely Postpones Requirement to Disclose Country of MiningOriginally slated to take effect in April, official U.S. Customs and Border Protection documents now show the implementation date as “TBD.”
SurveysMar 03, 2025
Consumer Confidence Fell in February Amid Concerns About the FutureThe recent jump in the prices of household staples, like eggs, and the potential impact of tariffs worried consumers.
Events & AwardsMar 03, 2025
AGA Now Accepting Applications for Its Gemological Education Scholarship The application period for the program is now open for aspiring gemologists around the world.
CollectionsFeb 28, 2025
Piece of the Week: Ironhorse Quillwork EarringsThe work of Indigenous designer Joe Big Mountain, these earrings are similar to the pair Lily Gladstone just wore to the SAG Awards.
AuctionsFeb 28, 2025
300-Year-Old Ring With Ties to Witch Trial Judge Up for Auction A metal detectorist uncovered the ring created in memory of Sir Richard Rainsford, who presided over some of England’s last witch trials.
Recorded WebinarsFeb 28, 2025
Watch: 2025 Jewelry Trends ForecastFine jewelry consultant and publicist Francesca Simons joins Amanda Gizzi and Natalie Francisco to discuss the trends set to rise this year.
TrendsFeb 27, 2025
Model Winnie Harlow Says ‘Yes’ to 3-Stone Engagement RingHarlow’s partner, NBA player Kyle Kuzma, worked with Vobara to design the ring, which features oval and pear-shaped diamonds.
MajorsFeb 27, 2025
Winona Ryder, Iman Star in New Pandora CampaignThe Danish jeweler released the next chapter of its “Be Love” campaign, which celebrates love in all its forms.
SourcingFeb 27, 2025
Gemfields Holds Mini Auction for Higher-Quality EmeraldsThe 13 lots on offer were comprised of material that previously went unsold at the miner’s November auction.
Events & AwardsFeb 27, 2025
JA to Host Workshop During Alabama Jewelers Association ConventionThe learning workshop and the convention are both scheduled to take place April 26 and 27 in Montgomery, Alabama.
Policies & IssuesFeb 26, 2025
EU Once Again Pushes Back Deadline on Diamond Traceability The EU, like the U.S., also now will require diamond importers to provide information about where exactly the diamonds were mined.
SourcingFeb 26, 2025
De Beers, Botswana Make New Diamond Sales Deal OfficialThe formal signing of the agreement comes nearly two years after De Beers and Botswana initially announced they had reached a new deal.
Events & AwardsFeb 26, 2025
JFC Names 2025 ‘Facets’ HonoreesThe charity will celebrate Pandora CEO Alexander Lacik and Brilliant Earth CEO Beth Gerstein at its annual event in Las Vegas.
ColumnistsFeb 25, 2025
Peter Smith: Here’s What I Think Retailers need to have the right merchandise, marketing, and people in place to stay on top in a sea of uncertainty, Peter Smith writes.
