Connect with us

Hi, what are you looking for?



PoS Malware Hits Eddie Bauer Stores

The point of sale (PoS) systems at Eddie Bauer retail stores across North America were infected with malware between January 2, 2016 and July 17, 2016, the clothing store chain announced on Thursday.

The point of sale (PoS) systems at Eddie Bauer retail stores across North America were infected with malware between January 2, 2016 and July 17, 2016, the clothing store chain announced on Thursday.

As soon as it learned about the breach, the clothing and recreational outfitter launched an investigation which found that customers who made purchases from the chain’s retail stores between January 2, 2016 and July 17, 2016 might have been impacted. Eddie Bauer operates over 350 retail stores in Canada and the United States.

The malware used in the attack enabled hackers to access payment card account information, the company revealed in an announcement. The compromised details include cardholder name, payment card number, security code, and expiration date.

According to the announcement, not all cardholder transactions during the infection period were affected by the malware. Moreover, the company underlined that only retail stores were affected and that customers who made purchases online at didn’t have their payment card information stolen in the attack.

What the company hasn’t revealed, however, was information on the malware used to breach the payment system and how attackers managed to compromise the network. However, the clothing store chain did say that the malware breach was part of a “sophisticated attack directed at multiple restaurants, hotels, and retailers.”

Over the past several months, numerous restaurants and hotels were hit by similar attacks, including Noodles & Company, Kimpton Hotels & Restaurants, Hard Rock Hotel & Casino, Wendy’s, Omni Hotels, and Cicis, but no information on these incidents being related has been provided as of now. Most recently, HEI Hotels & Resorts informed customers on a payment card breach.

In an open letter to the company’s customers, Eddie Bauer CEO Mike Egeck notes that the incident has been “fully identified and contained.” The store chain is conducting a “comprehensive review of our IT systems to incorporate recommended security measures in order to strengthen them and prevent this from happening again,” Egeck’s letter reads. The company is also working with the FBI to identify the perpetrators.

Advertisement. Scroll to continue reading.

Eddie Bauer is also notifying the customers who might have had their payment card information stolen in this attack. The company says that it has already notified payment card networks on the matter, so that they could work with card issuing banks to monitor the accounts of impacted customers for fraudulent activity.

Speaking of retailers’ ability to prevent such attacks, John Christly, CISO, Netsurion, told SecurityWeek in an emailed comment that retailers of all sizes need better tools combined with increased cyber intelligence. 

“Gone are the days when a typical firewall could be set up once and run without constant monitoring, tweaking and ensuring the data coming from it was correlated with other systems,” Christly said. “Some of these breaches may look like normal web traffic coming out of the firewall, and other attacks can even seem like legitimate DNS traffic, which may pass right by the typical un-managed firewall. It takes a different approach to stop some of these advanced attacks, and many products and service providers simply do not have the ability to stop them before they do real damage.” 

Ideally, Christly says, retailers should use advanced tools such as file integrity monitoring, unified threat management appliances, security information and event management, and next-generation endpoint security solutions.

Related: MICROS Hackers Targeted Five Other PoS Vendors

Related: Payment Card Breach Hits 20 Hotels Operated by HEI

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...