FinancialsMar 13, 2025
Brilliant Earth’s 2024 Sales Struggled Amid Engagement RecoveryCEO Beth Gerstein shared its most popular price points, what’s trending in non-bridal fine jewelry, and its holiday performance.
MajorsApr 03, 2018
Saks, Lord & Taylor the Latest Hit by Hackers
They reportedly gained access to the retailers’ cash register systems to steal payment card data from more than 5 million customers.
Hudson’s Bay Company announced Sunday that hackers had gained access to the debit and credit card numbers of customers at two of its retailers--Lord &Taylor and Saks.
New York--Saks Fifth Avenue and sister retailer Lord & Taylor just joined the long list of large companies that have been hacked.
On Sunday, parent company Hudson’s Bay Co. issued a short statement confirming that it had become aware of a “data security issue” involving the credit and debit card numbers of customers who shopped at certain Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America.
While the investigation is ongoing, HBC said it doesn’t appear the breach impacted customers who shopped at any of its other stores or online, including on Gilt.com.
“The company deeply regrets any inconvenience or concern this might cause,” the statement reads. “Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”
HBC did not release any specifics about the number of consumers or location of stores impacted, but in a blog post also published Sunday, Gemini Advisory pinned the attack on a cybercrime syndicate known as JokerStash or Fin7.
The cybersecurity research firm said Fin7 announced March 28 it would be releasing for sale more than 5 million stolen debit and credit card numbers on the dark web, and already has put about 125,000 out there.
Fin7 didn’t say where it obtained the numbers, but Gemini said it confirmed with a “high degree of confidence” that the numbers came from Saks Fifth Avenue and Lord & Taylor. It estimated the breach occurred between May 2017 and now, impacting all Lord & Taylor and 83 Saks stores mainly in New York and New Jersey.
The research firm said it is “among the most significant credit card heists in modern history.”
A spokesperson for HBC declined to comment on Gemini’s statement.
Cybercrime is a growing problem for retailers, including retail jewelers.
In its recently released annual crime report for 2017, the Jewelers Security Alliance noted a “large dollar increase” in thefts by deception and impersonation made possible by the internet, with the average loss from this type of incident topping $1 million.
JSA President John J. Kennedy called it a “dangerous and growing crime trend” for the industry.
On Monday, he offered a number of cybersecurity tips for retailers. Some, he noted, might involve hiring an IT consulting firm.
Kennedy said retailers need to have proper firewalls and up-to-date anti-malware software for all systems, and they need to avoid visiting “questionable and risky sites.”
Jewelers
Editors' Picks
Sponsored by
also need to educate their staff on the common mistakes made that let hackers in.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
More on Majors
The Latest
CollectionsMar 13, 2025
Chopard Unveils High Jewelry Collection Created From 6,225-Carat Emerald The 15 pieces were crafted from the “Insofu” emerald, discovered in Zambia in 2010.
Lab-GrownMar 13, 2025
JA Offering Some ‘Counter Intelligence’ on Diamonds Jewelers of America is distributing a brochure for retailers to use when discussing the differences between natural and lab-grown diamonds.
Brought to you by
Watch: GIA Field Gemology at the One-Hundredth Expedition: A Look Back and to the FutureSupplier Spotlight Sponsored by GIA
SourcingMar 12, 2025
5 Factors That Will Impact the Diamond Industry in 2025The industry is changing as it grapples with new realities around distribution, supply, and the need for consistent, effective marketing.
Weekly QuizMar 06, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
SourcingMar 12, 2025
Q&A: New GJEPC Chairman Kirit BhansaliBhansali discusses the potential impact of U.S. tariffs, demand for diamonds by market, and the “cautious confidence” in India right now.
Lab-GrownMar 12, 2025
Beyond Jewelry: Possibilities in the Lab-Grown Diamond SectorAs lab-grown diamond brands pop up across India, academics are researching how to grow demand outside of the jewelry industry.
Brought to you by
Natural Diamonds Should Mean MoreNatural diamonds mean more than lab-grown, but when every cut is ideal, they all look the same. Customers want more—Facets of Fire delivers.
SourcingMar 12, 2025
Indian Leader, Retailer Among 2025 DDG Honorees Govind Dholakia and Tanishq will be recognized for their contributions to the industry at the Diamonds Do Good Awards in Las Vegas.
IndependentsMar 12, 2025
Marla Aaron Migrates to LondonThe New York City-based brand has opened its first U.K. location with a permanent shop-in-shop at Liberty in London.
AuctionsMar 12, 2025
A Medieval Bishop’s Sapphire Ring Is Going Up for SaleA metal detectorist discovered the ring that is believed to have belonged to a bishop in the late 12th to early 13th century.
Events & AwardsMar 12, 2025
JA New York Announces Education, Live Demo LineupsOrganizers looked to new partnerships and interactive experiences to enhance the spring show, set for March 16 to 18.
Events & AwardsMar 12, 2025
Bogolo Joy Kenewendo to Speak at Annual JVC LuncheonKenewendo, Botswana’s minister of minerals and energy, will discuss the future of diamonds.
CrimeMar 11, 2025
Man in Florida Swallows Allegedly Stolen Tiffany & Co. Jewelry The suspect allegedly stole almost $800,000 worth of diamond jewelry from a store in Orlando and then swallowed it during a traffic stop.
ColumnistsMar 11, 2025
Creative Connecting: How to Pose on the Red CarpetAhead of the Gem Awards on Friday, Jen Cullen Williams and Duvall O’Steen share pro tips for taking the best photos.
CollectionsMar 11, 2025
Marco Bicego Celebrates 25 Years With Collection, CampaignFounded in 2000, Marco Bicego is commemorating its milestone anniversary with a “25 Best” collection and campaigns honoring its heritage.
TechnologyMar 11, 2025
Hill & Co. Launches New B2B Buyer DatabaseThose attending the company’s upcoming Zoom workshop will receive early access to “The List,” its new resource for finding buyers.
Events & AwardsMar 11, 2025
JSA to Honor GIA Employee at Annual LuncheonThe organization will present an award to Amy-Elise Signeavsky, law enforcement and diamond recovery manager at GIA.
MajorsMar 10, 2025
Terry Chandler to Retire After 24 Years as Head of DCA Chandler started his jewelry career at Michelson Jewelers, joining the Diamond Council of America as president and CEO in 2001.
CollectionsMar 10, 2025
MaeVona Co-Founder Debuts 3D-Printed ‘Tùsaire’ CollectionScottish American designer Maeve Gillies collaborated with Platinum Guild International on jewelry created by direct metal 3D printing.
Events & AwardsMar 10, 2025
The Jewelry Symposium Announces 2025 Scholarship WinnersAhead of its trade show in May, TJS awarded free registration and accommodations to five up-and-coming jewelry industry professionals.
Events & AwardsMar 10, 2025
These Designers, Journalists, and Retailers Are Up for a Gem Award The 2025 Gem Awards are set to take place Friday at Cipriani 42nd Street in New York City.
MajorsMar 07, 2025
Jane Fonda, Mariska Hargitay Star in Pomellato’s IWD CampaignThe annual star-studded campaign for International Women’s Day encourages collective action against domestic violence.
CollectionsMar 07, 2025
Piece of the Week: Yeprem’s ‘Golden Strada’ NecklaceThe statement piece is seen in Yeprem’s new “You Play the Game” campaign, created for International Women’s Day.
MajorsMar 07, 2025
Borsheims Names New Senior Security and Facilities ManagerLongtime employee Kyle Slosson has been promoted to the role.
IndependentsMar 06, 2025
Wixon Jewelers to Close After 37 YearsFirst-generation jewelers Dan and Hope Wixon are retiring and will close their Minneapolis-area jewelry store in May.
CollectionsMar 06, 2025
Guzema, 3.1 Phillip Lim Collab on New ‘Snake’ DesignsThe limited-edition collection, a nod to the Year of the Snake, is Ukrainian brand Guzema’s first partnership with a U.S. brand.
