Krebs on Security: A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach. “On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. Today, Buca’s parent firm announced it had remediated a 10-month breach of its payment systems at dozens of restaurants, including some locations of its other brands such as Earl of Sandwich and Planet Hollywood.”
ZDNet: Google Chrome extension that steals card numbers still available on Web Store. “A malicious Google Chrome extension that can recognize and steal payment card details entered in web forms is still available on the Chrome Web Store. The extension is the work of a cyber-criminal group and has been at the heart of a malware distribution effort in the past.”
ZDNet: Caribou Coffee chain announces card breach impacting 239 stores. “US coffee store chain Caribou Coffee announced a security breach today after it discovered unauthorized access of its point of sale (POS) systems. The company listed 239 stores of its total 603 locations as impacted, which roughly amounts to 40 percent of all its sites.” The breach took place between late August and early December — over three months — and it looks like the breach could have gotten all credit card details.
Threatpost: 1-800-Flowers Becomes Latest Payment Breach Victim. “Those buying flowers for Mother’s Day or looking to send a plant for a birthday could find their thoughtful gestures reaping a crop of misery: Payment card data has been lifted from the Canadian online outpost of 1-800-Flowers, in an incident that has persisted for four years.” Since August 2014. That’s bonkers.
Bloomberg: Marriott Hit by Starwood Hack That Ranks Among Biggest Ever. “The attack is troubling not just because of its sheer size, but also the level of detail potentially stolen by the attackers. The hack affects some 500 million guests, and for about 327 million of them, the data included passport numbers, emails and mailing addresses, Marriott said. Some credit card details may also have been taken.”
Ars Technica: E-commerce site is infected not by one, but two card skimmers. “Payment card skimming that steals consumers’ personal information from e-commerce sites has become a booming industry over the past six months, with high-profile attacks against Ticketmaster, British Airways, Newegg, and Alex Jones’ InfoWars, to name just a few. In a sign of the times, security researcher Jérôme Segura found two competing groups going head to head with each other for control of a single vulnerable site.”
TechCrunch: Hackers stole customer credit cards in Newegg data breach . “Newegg is clearing up its website after a month-long data breach. Hackers injected 15 lines of card skimming code on the online retailer’s payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. The code siphoned off credit card data from unsuspecting customers to a server controlled by the hackers with a similar domain name — likely to avoid detection. The server even used an HTTPS certificate to blend in.”