Policies & IssuesJan 30, 2025
RJC Executive Director Melanie Grant Is Stepping Down An experienced jewelry writer and curator, Grant led the organization for two years.
MajorsApr 03, 2018
Saks, Lord & Taylor the Latest Hit by Hackers
They reportedly gained access to the retailers’ cash register systems to steal payment card data from more than 5 million customers.
Hudson’s Bay Company announced Sunday that hackers had gained access to the debit and credit card numbers of customers at two of its retailers--Lord &Taylor and Saks.
New York--Saks Fifth Avenue and sister retailer Lord & Taylor just joined the long list of large companies that have been hacked.
On Sunday, parent company Hudson’s Bay Co. issued a short statement confirming that it had become aware of a “data security issue” involving the credit and debit card numbers of customers who shopped at certain Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America.
While the investigation is ongoing, HBC said it doesn’t appear the breach impacted customers who shopped at any of its other stores or online, including on Gilt.com.
“The company deeply regrets any inconvenience or concern this might cause,” the statement reads. “Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”
HBC did not release any specifics about the number of consumers or location of stores impacted, but in a blog post also published Sunday, Gemini Advisory pinned the attack on a cybercrime syndicate known as JokerStash or Fin7.
The cybersecurity research firm said Fin7 announced March 28 it would be releasing for sale more than 5 million stolen debit and credit card numbers on the dark web, and already has put about 125,000 out there.
Fin7 didn’t say where it obtained the numbers, but Gemini said it confirmed with a “high degree of confidence” that the numbers came from Saks Fifth Avenue and Lord & Taylor. It estimated the breach occurred between May 2017 and now, impacting all Lord & Taylor and 83 Saks stores mainly in New York and New Jersey.
The research firm said it is “among the most significant credit card heists in modern history.”
A spokesperson for HBC declined to comment on Gemini’s statement.
Cybercrime is a growing problem for retailers, including retail jewelers.
In its recently released annual crime report for 2017, the Jewelers Security Alliance noted a “large dollar increase” in thefts by deception and impersonation made possible by the internet, with the average loss from this type of incident topping $1 million.
JSA President John J. Kennedy called it a “dangerous and growing crime trend” for the industry.
On Monday, he offered a number of cybersecurity tips for retailers. Some, he noted, might involve hiring an IT consulting firm.
Kennedy said retailers need to have proper firewalls and up-to-date anti-malware software for all systems, and they need to avoid visiting “questionable and risky sites.”
Jewelers
Editors' Picks
Sponsored by
also need to educate their staff on the common mistakes made that let hackers in.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
More on Majors
The Latest
CollectionsJan 30, 2025
Pharrell Williams Brings Tahitian Pearls to His New Tiffany & Co. CollectionFive new designs were added, all donning Tahitian cultured pearls and spear-like trident motifs, along with the new “Titan” setting.
Events & AwardsJan 30, 2025
Registration Open for Converge 2025The inaugural event is being co-hosted by the American Gem Society and the Gemological Institute of America.
Brought to you by
3 New Year’s Resolutions for Jewelry Lovers The new year feels like a clean slate, inspiring reflection, hope, and the motivation to become better versions of ourselves.
CollectionsJan 29, 2025
Boucheron’s High Jewelry Takes the Form of ‘Untamed Nature’The jeweler’s latest high jewelry collection looks into the Boucheron archives to create a “living encyclopedia of high jewelry.”
Weekly QuizJan 30, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
FinancialsJan 29, 2025
LVMH Watch, Jewelry Sales End the Year DownWatch and jewelry sales slipped 3 percent in 2024, though the luxury conglomerate did see business pick up in the fourth quarter.
MajorsJan 29, 2025
Chanel Names New General Manager of Watches, Fine Jewelry for USOlivier Kessler-Gay will take over the role on March 3.
Brought to you by
A Diamond Is Forever Celebrates "Forever Present" Holiday CampaignA Diamond is Forever hosted a holiday celebration in honor of their new marketing campaign, ‘Forever Present.’
SurveysJan 29, 2025
Consumer Confidence Slips for Second Consecutive Month It hit a four-month low in January due to concerns about the job market, though consumers remain bullish about the stock market.
Events & AwardsJan 29, 2025
Chris Ploof To Teach Mokume Gane at AJSThe jewelry designer and master metalsmith will present on the ancient Japanese metalworking technique at the Atlanta Jewelry Show in March.
SourcingJan 28, 2025
WFDB Joins Efforts to Promote Natural Diamonds With New CampaignThe “Moments” social media campaign emphasizes the emotional ties between natural diamonds and life’s special milestones.
CollectionsJan 28, 2025
Bliss Lau Celebrates the Intricate Mosaic of Identity in New CollectionThe versatile “As We Are” collection features 14 pieces with interlocking designs allowing for 27 different looks worn around the body.
SourcingJan 28, 2025
Botswana’s First Olympic Gold Medalist Is Now a De Beers Ambassador Letsile Tebogo will help to promote natural diamonds and the good they have done for his country.
Events & AwardsJan 28, 2025
NouvelleBox Show Returns to New York CityThe showcase, in its second year, will feature more than 20 international brands at its curated event from Feb. 2-4.
Recorded WebinarsJan 28, 2025
Watch: Fine Jewelry Market Predictions for 2025 “My Next Question” guests Sherry Smith and Edahn Golan share their 2025 forecasts, from sales and marketing to what retailers should stock.
Events & AwardsJan 28, 2025
Here Is the 2025 AGTA GemFair Tucson Educational LineupThe seminar series covers topics from market trends and colored stone terminology to working with museums and growing an Instagram profile.
MajorsJan 27, 2025
Le Vian Corp. Chairman Larry LeVian, a Man of Faith and Family, Dies at 73 LeVian is remembered for his leadership in the jewelry industry and for being a selfless and compassionate person.
CrimeJan 27, 2025
New Jersey Jeweler Sentenced to 2 1/2 Years for Evading CustomsMonishkumar Kirankumar Doshi Shah pleaded guilty to evading customs on more than $13.5 million of jewelry imported into the U.S.
SourcingJan 27, 2025
Dev Shetty To Head New Auction House for Rare Colored GemsJemora Gemhouse’s inaugural auction, slated for March, will take place in Dubai and feature polished sapphires.
CollectionsJan 27, 2025
Rachel Quinn Embodies Feelings of Falling in Love in New CollectionQuinn partnered with Gemfields to create “Crazy Love,” which features Zambian emeralds and Mozambican rubies across 10 pieces.
MajorsJan 27, 2025
Arch Crown’s 2025 ‘Tag & Label’ Catalog Is Out Now The catalog is 48 pages and features more than 100 styles.
CollectionsJan 24, 2025
Piece of the Week: Ashley Zhang Jewelry’s Lunar New Year NecklaceThe one-of-a-kind necklace was designed in celebration of the Chinese New Year, as 2025 is the Year of the Snake.
SourcingJan 24, 2025
Ethical Gem Fair Heads Back to Tucson The gemstone show is slated to take place at the Scottish Rite Cathedral.
Policies & IssuesJan 24, 2025
These Designers and Retailers Are Raising Money for LA Wildfire Relief From raffles to auctions to donations, the industry is working to aid charities in Los Angeles amid the raging wildfires.
CrimeJan 23, 2025
4 Men Arrested After Allegedly Plotting to Kidnap JewelerThe suspects are accused of planning to kidnap a Miami jeweler and rob him of his cryptocurrency.
CrimeJan 23, 2025
Security Guard Killed in Armed Robbery at Namibian Diamond Co. Francis “Gosh” Eiseb, 58, was a senior protection officer for Namib Desert Diamonds, also known as Namdia, in Windhoek, Namibia.
SourcingJan 23, 2025
RapNet, AGTA Partner to Launch Gemstone Trading NetworkThe online diamond and jewelry marketplace has expanded, introducing a new platform dedicated to colored gemstone trading.
