Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

PoS Malware Hits Eddie Bauer Stores

The point of sale (PoS) systems at Eddie Bauer retail stores across North America were infected with malware between January 2, 2016 and July 17, 2016, the clothing store chain announced on Thursday.

The point of sale (PoS) systems at Eddie Bauer retail stores across North America were infected with malware between January 2, 2016 and July 17, 2016, the clothing store chain announced on Thursday.

As soon as it learned about the breach, the clothing and recreational outfitter launched an investigation which found that customers who made purchases from the chain’s retail stores between January 2, 2016 and July 17, 2016 might have been impacted. Eddie Bauer operates over 350 retail stores in Canada and the United States.

The malware used in the attack enabled hackers to access payment card account information, the company revealed in an announcement. The compromised details include cardholder name, payment card number, security code, and expiration date.

According to the announcement, not all cardholder transactions during the infection period were affected by the malware. Moreover, the company underlined that only retail stores were affected and that customers who made purchases online at eddiebauer.com didn’t have their payment card information stolen in the attack.

What the company hasn’t revealed, however, was information on the malware used to breach the payment system and how attackers managed to compromise the network. However, the clothing store chain did say that the malware breach was part of a “sophisticated attack directed at multiple restaurants, hotels, and retailers.”

Over the past several months, numerous restaurants and hotels were hit by similar attacks, including Noodles & Company, Kimpton Hotels & Restaurants, Hard Rock Hotel & Casino, Wendy’s, Omni Hotels, and Cicis, but no information on these incidents being related has been provided as of now. Most recently, HEI Hotels & Resorts informed customers on a payment card breach.

In an open letter to the company’s customers, Eddie Bauer CEO Mike Egeck notes that the incident has been “fully identified and contained.” The store chain is conducting a “comprehensive review of our IT systems to incorporate recommended security measures in order to strengthen them and prevent this from happening again,” Egeck’s letter reads. The company is also working with the FBI to identify the perpetrators.

Eddie Bauer is also notifying the customers who might have had their payment card information stolen in this attack. The company says that it has already notified payment card networks on the matter, so that they could work with card issuing banks to monitor the accounts of impacted customers for fraudulent activity.

Speaking of retailers’ ability to prevent such attacks, John Christly, CISO, Netsurion, told SecurityWeek in an emailed comment that retailers of all sizes need better tools combined with increased cyber intelligence. 

“Gone are the days when a typical firewall could be set up once and run without constant monitoring, tweaking and ensuring the data coming from it was correlated with other systems,” Christly said. “Some of these breaches may look like normal web traffic coming out of the firewall, and other attacks can even seem like legitimate DNS traffic, which may pass right by the typical un-managed firewall. It takes a different approach to stop some of these advanced attacks, and many products and service providers simply do not have the ability to stop them before they do real damage.” 

Ideally, Christly says, retailers should use advanced tools such as file integrity monitoring, unified threat management appliances, security information and event management, and next-generation endpoint security solutions.

Related: MICROS Hackers Targeted Five Other PoS Vendors

Related: Payment Card Breach Hits 20 Hotels Operated by HEI

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...