IndependentsJun 25, 2025
Marissa Collections Opens in Nantucket as Legal Fight ContinuesThe Vault’s Katherine Jetter is accusing the retailer of using info she shared for a potential partnership to move into Nantucket.
MajorsApr 03, 2018
Saks, Lord & Taylor the Latest Hit by Hackers
They reportedly gained access to the retailers’ cash register systems to steal payment card data from more than 5 million customers.
Hudson’s Bay Company announced Sunday that hackers had gained access to the debit and credit card numbers of customers at two of its retailers--Lord &Taylor and Saks.
New York--Saks Fifth Avenue and sister retailer Lord & Taylor just joined the long list of large companies that have been hacked.
On Sunday, parent company Hudson’s Bay Co. issued a short statement confirming that it had become aware of a “data security issue” involving the credit and debit card numbers of customers who shopped at certain Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America.
While the investigation is ongoing, HBC said it doesn’t appear the breach impacted customers who shopped at any of its other stores or online, including on Gilt.com.
“The company deeply regrets any inconvenience or concern this might cause,” the statement reads. “Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”
HBC did not release any specifics about the number of consumers or location of stores impacted, but in a blog post also published Sunday, Gemini Advisory pinned the attack on a cybercrime syndicate known as JokerStash or Fin7.
The cybersecurity research firm said Fin7 announced March 28 it would be releasing for sale more than 5 million stolen debit and credit card numbers on the dark web, and already has put about 125,000 out there.
Fin7 didn’t say where it obtained the numbers, but Gemini said it confirmed with a “high degree of confidence” that the numbers came from Saks Fifth Avenue and Lord & Taylor. It estimated the breach occurred between May 2017 and now, impacting all Lord & Taylor and 83 Saks stores mainly in New York and New Jersey.
The research firm said it is “among the most significant credit card heists in modern history.”
A spokesperson for HBC declined to comment on Gemini’s statement.
Cybercrime is a growing problem for retailers, including retail jewelers.
In its recently released annual crime report for 2017, the Jewelers Security Alliance noted a “large dollar increase” in thefts by deception and impersonation made possible by the internet, with the average loss from this type of incident topping $1 million.
JSA President John J. Kennedy called it a “dangerous and growing crime trend” for the industry.
On Monday, he offered a number of cybersecurity tips for retailers. Some, he noted, might involve hiring an IT consulting firm.
Kennedy said retailers need to have proper firewalls and up-to-date anti-malware software for all systems, and they need to avoid visiting “questionable and risky sites.”
Jewelers
also need to educate their staff on the common mistakes made that let hackers in.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
More on Majors
The Latest
CrimeJun 25, 2025
Customs Nabs Another Big Shipment of Fake Cartier, Van Cleef JewelryAgents seized 2,193 pieces, a mix of counterfeit Cartier “Love” and “Juste Un Clou” bracelets, and Van Cleef & Arpels’ “Alhambra” design.
CollectionsJun 25, 2025
Splash into Karina Choudhrie’s Collection of Underwater Circus PerformersThe designer brought her children’s book, “The Big Splash Circus,” to life through a collection of playful fine jewelry characters.
Brought to you by
Investing in the Next Generation of Bench JewelersThe Seymour & Evelyn Holtzman Bench Scholarship from Jewelers of America returns for a second year.
Events & AwardsJun 25, 2025
JA Announces Impact Initiative Fund RecipientsThe trade association has chosen the recipients of the funding initiative it formed to foster the growth and sustainability of the industry.
Weekly QuizJun 20, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
SourcingJun 25, 2025
2025 AGTA Spectrum Awards Open for EntriesThe organization has also announced this year’s slate of judges.
EditorsJun 24, 2025
The Best New Jewelry from Couture 2025, Part 2Associate Editor Natalie Francisco shares 20 additional pieces that stood out to her at the Couture show.
Brought to you by
Jewelers of America is Headed to Las Vegas for JCK 2025The countdown is on for the JCK Las Vegas Show and JA is pulling out all the stops.
IndependentsJun 24, 2025
Colorado Bench Jeweler Celebrates 50 Years With Local RetailerLori Tucker started at Williams Jewelers when she was 18 years old.
WatchesJun 24, 2025
Citizen’s New ‘Fantastic Four’ Watch Is Literally Super The “Marvel | Citizen Zenshin” watch is crafted in Super Titanium and has subtle nods to all four “Fantastic Four” superheroes on the dial.
GradingJun 23, 2025
GIA Names New President and CEO Pritesh Patel, the lab’s chief operating officer, will take over as president and CEO of GIA.
Recorded WebinarsJun 23, 2025
Watch: Top Trends at Couture, JCK Las Vegas 2025National Jeweler and Jewelers of America discuss the standout jewelry trends and biggest news to emerge from the shows this year.
SourcingJun 23, 2025
Diamond Producers, Organizations to Kick in Money to Promote Natural DiamondsSignatories to the “Luanda Accord” committed to allocating 1 percent of annual diamond revenue to the Natural Diamond Council.
Events & AwardsJun 23, 2025
Jose Hess Design Awards Celebrate 6 Jewelry DesignersThe winning designs captured the “Radiance” theme.
Events & AwardsJun 23, 2025
Gem Awards Now Accepting Nominations for 2026Nominations in the categories of Jewelry Design, Media Excellence, and Retail Innovation will be accepted through July 30.
TrendsJun 20, 2025
Dua Lipa Stays On-Trend With Chunky Engagement RingThe singer’s ring ticks off many bridal trends, with a thick band, half-bezel setting, and solitaire diamond.
TrendsJun 20, 2025
Piece of the Week: Yvonne Léon’s ‘Python Gold’ BraceletThe bracelet references vintage high jewelry and snake symbolism as a playful piece where a python’s head becomes a working belt buckle.
CrimeJun 18, 2025
7 Men Indicted in $100M Brinks Jewelry HeistThe heist happened in Lebec, California, in 2022 when a Brinks truck was transporting goods from one show in California to another.
AuctionsJun 18, 2025
Historic ‘Marie-Thérèse Pink’ Diamond Fetches $14M at Christie’sThe 10-carat fancy purple-pink diamond with potential links to Marie Antoinette headlined the white-glove jewelry auction this week.
EditorsJun 18, 2025
Q&A: Caryl Capeci Dives Into Cruise Jewelry ShoppingThe Starboard Cruises SVP discusses who is shopping for jewelry on ships, how much they’re spending, and why brands should get on board.
AuctionsJun 18, 2025
16th-Century ‘Gresham Grasshopper’ Ring Sells for $56KThe historic signet ring exceeded its estimate at Noonans Mayfair’s jewelry auction this week.
CollectionsJun 18, 2025
Kirk Kara Celebrates 135 Years With New JewelsTo mark the milestone, the brand is introducing new non-bridal fine jewelry designs for the first time in two decades.
SourcingJun 18, 2025
Gemfields Sells 36-Carat Rough RubyThe gemstone is the third most valuable ruby to come out of the Montepuez mine, Gemfields said.
TechnologyJun 18, 2025
Alex Brown Named President of Smithee GroupFounder and longtime CEO Ben Smithee will stay with the agency, transitioning into the role of founding partner and strategic advisor.
EditorsJun 17, 2025
The Best New Jewelry from Couture 2025, Part 1Associate Editor Natalie Francisco shares 20 of her favorite pieces from the jewelry collections that debuted at Couture.
ColumnistsJun 17, 2025
Peter Smith: Is Your Comp Plan a Hiring Hindrance?If you want to attract good salespeople and generate a stream of “sleeping money” for your jewelry store, then you are going to have to pay.
AuctionsJun 17, 2025
Colored Gemstones, Signed Jewels Shine in Sotheby’s High Jewelry SaleThe top lot was a colorless Graff diamond, followed by a Burmese ruby necklace by Marcus & Co.
