Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Major Retailer Suffers System Intrusion – Payment Systems Compromised

Genesco Inc, a specialty retailer of branded footwear and other products, today announced that the computer network that processes its payment card transactions in the United States has been hacked, in what the company is calling a “criminal intrusion.” Genesco operates more than 2,225 footwear and headwear retail stores in the United States, Puerto Rico and Canada, principally under the names Journeys, Journeys Kidz, Shi by Journeys, Underground Station, Johnston & Murphy, Hatworld, Lids, Lids Kids, Hat Shack, Hat Zone, Cap Connection

Genesco Inc, a specialty retailer of branded footwear and other products, today announced that the computer network that processes its payment card transactions in the United States has been hacked, in what the company is calling a “criminal intrusion.” Genesco operates more than 2,225 footwear and headwear retail stores in the United States, Puerto Rico and Canada, principally under the names Journeys, Journeys Kidz, Shi by Journeys, Underground Station, Johnston & Murphy, Hatworld, Lids, Lids Kids, Hat Shack, Hat Zone, Cap Connection and Head Quarters.

The company said it is not aware of the extent of the intrusion yet, but did say that the systems that process payment transactions for its United States Journeys, Journeys Kidz, Shi by Journeys and Johnston & Murphy stores, and for some of its Underground Station stores have been compromised.

Related Content: Buena Vista University Data BreachHackers

The company believes the intrusion has been contained and is conducting a full investigation with the help of an outside expert to seek to determine the extent of any possible compromise of customer information that occurred in the intrusion.

The company warned that credit or debit card numbers, expiration date and card verification code contained on the magnetic stripe of some payment cards used at stores in the affected chains may have been by the hacker(s). Genesco didn’t provide any detail as to the possible number of records compromised.

Below is a letter from Genesco Chairman, President and Chief Executive Officer Robert J. DennisA Message From Genesco CEO Robert J. Dennis

December 10, 2010 Dear Customer:

Genesco recently became aware of a criminal intrusion into the portion of its computer network that processes payment card transactions for its United States Journeys, Journeys Kidz, Shi by Journeys and Johnston & Murphy stores, and for some of its Underground Station stores. Immediately upon learning of the intrusion, we took steps to secure the affected part of our network. We believe that the intrusion has been contained and are confident that our customers can safely use their credit and debit cards in all of our stores.

The Company has notified law enforcement authorities and is cooperating in law enforcement’s efforts to identify those responsible for the intrusion. The Company has also notified the major card brands of the intrusion.

Advertisement. Scroll to continue reading.

The extent of the intrusion is not known at this time. The Company is continuing to investigate the intrusion, with the assistance of an outside expert, in an effort to determine the extent of any possible compromise of customer information. It is possible that the credit or debit card number, expiration date and card verification code contained on the magnetic stripe of some payment cards used at the chains mentioned above may have been acquired without authorization during the intrusion. We currently have no reason to believe that personal information, such as names, addresses or Social Security numbers, was acquired by the intruder.

We recommend that customers review their card statements and other account information carefully and immediately notify their card issuer if they suspect fraudulent use. Because we have no reason to believe customers’ personal information was compromised, we do not believe that identify theft is likely as a consequence of the intrusion. Nonetheless, we are providing the Reference Guide below, which details some steps you can take to protect your personal information. For more information or with questions, please call our Customer Information Center at (877) 441-2998 or write to me at 1415 Murfreesboro Road, Suite 490, Nashville, TN 37217.

We sincerely regret any inconvenience this attack on our network may cause you. As always, we appreciate your choosing to shop in our stores.

Sincerely,

Robert J. Dennis

Chairman, President and Chief Executive Officer Genesco Inc.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.