About

Latest retail data breaches and security news

Recent years have seen an influx of retail data breaches affecting both huge corporations and small businesses across the globe.

Largely stemming from cyber-attacks on retailers’ networks or e-commerce security breaches, incidents such as these can devastate a company.

This often leaves customers open to financial and personal data theft.

Stay up to date with The Daily Swig for the latest on retail cyber-attacks, e-commerce data breaches, and other consumer-related security news.


Bug Bounty Radar

The latest bug bounty programs for September 202202 September 2022Bug Bounty RadarThe latest bug bounty programs for September 2022

Bug Bounty Radar

The latest bug bounty programs for August 202229 July 2022Bug Bounty RadarThe latest bug bounty programs for August 2022

Bug Bounty Radar

The latest bug bounty programs for July 202230 June 2022Bug Bounty RadarThe latest bug bounty programs for July 2022

Volatile market for stolen credit card data shaken up by Russian sanctions

25 May 2022Volatile market for stolen credit card data shaken up by Russian sanctionsIllicit trade still flourishing despite recent law enforcement takedowns

Credit card industry standard revised to repel card-skimmer attacks

14 April 2022Credit card industry standard revised to repel card-skimmer attacksPCI DSS v4.0 encourages better defenses against Magecart-style assaults

Third member of FIN7 cybercrime gang jailed over card skimming scheme

08 April 2022Third member of FIN7 cybercrime gang jailed over card skimming schemeUS authorities sentence pen tester to five years in prison

Point of assail?

UK retailer The Works blames store closures on POS problems after attack06 April 2022Point of assail?UK retailer The Works blames store closures on POS problems after attack

Network cavity blamed for data breach at Japanese candy maker

29 March 2022Network cavity blamed for data breach at Japanese candy makerMore than 1.6m affected by suspected compromise that ‘locked up’ servers

Downdetector

How the popular site outage tracker is helping to improve web security17 March 2022DowndetectorHow the popular site outage tracker is helping to improve web security

Lessons learned

Electronics retailer apologises after inadvertent customer data leak08 March 2022Lessons learnedElectronics retailer apologises after inadvertent customer data leak

Ukraine VDPs

Concerns raised over bug disclosure program aimed at tackling Russia’s ‘propaganda machine’08 March 2022Ukraine VDPsConcerns raised over bug disclosure program aimed at tackling Russia’s ‘propaganda machine’

Utah privacy bill places tighter controls on consumer data

07 March 2022Utah privacy bill places tighter controls on consumer dataPolicymakers move forward with new data privacy legislation

Japanese retailer traces breach to third-party hack

04 March 2022Japanese retailer traces breach to third-party hack Company traces compromise to vulnerability in payment processor’s systems

Web store lockdown

Emergency Adobe Commerce, Magento patches follow ‘limited’ in-the-wild attacks16 February 2022Web store lockdownEmergency Adobe Commerce, Magento patches follow ‘limited’ in-the-wild attacks

DeepDotWeb administrator gets eight-year stretch in US prison

27 January 2022DeepDotWeb administrator gets eight-year stretch in US prisonTal Prihar pleaded guilty to his role in darknet kickback scheme last year

Credential stuffing attacks

New York Attorney General alerts 17 ‘well-known’ organizations to 1.1m compromised online accounts06 January 2022Credential stuffing attacksNew York Attorney General alerts 17 ‘well-known’ organizations to 1.1m compromised online accounts

Bookshop of errors

Indian academic bookseller Oswaal Books fixes alleged serious vulnerabilities with Shopify relaunch05 January 2022Bookshop of errorsIndian academic bookseller Oswaal Books fixes alleged serious vulnerabilities with Shopify relaunch

US retailer PulseTV warns of apparent credit card breach

04 January 2022US retailer PulseTV warns of apparent credit card breachPayment system updated amidst fears 200,000 records may have been exposed

US clothing supplier Pro Wrestling Tees hit by data breach

23 December 2021US clothing supplier Pro Wrestling Tees hit by data breachLaw enforcement alerted company to compromise of payment card info

More bad men than Mad Men

Survey scams rekindled using advertising industry tricks21 December 2021More bad men than Mad MenSurvey scams rekindled using advertising industry tricks

Hacker-powered security

Human error bugs increasingly making a splash, new report indicates10 December 2021Hacker-powered securityHuman error bugs increasingly making a splash, new report indicates

Bloated browser?

Microsoft pushes ahead with controversial ‘buy now, pay later’ feature for Edge26 November 2021Bloated browser?Microsoft pushes ahead with controversial ‘buy now, pay later’ feature for Edge

Trickbot arrest

Russian national extradited to US for alleged role in developing notorious banking trojan29 October 2021Trickbot arrestRussian national extradited to US for alleged role in developing notorious banking trojan

Fast fashion

US clothing brand Next Level Apparel reports phishing-driven data breach06 October 2021Fast fashionUS clothing brand Next Level Apparel reports phishing-driven data breach

US retailer notifies 4.6m customers of data breach

01 October 2021US retailer notifies 4.6m customers of data breachDepartment store chain forces password reset after discovering 2020 incident last month

Google Chrome incorporates new secure payment feature

27 September 2021Google Chrome incorporates new secure payment featureNew tech touted as faster and stronger than web-based authentication alternatives

New York vaccine pass shortcomings offer lessons for other developers

08 September 2021New York vaccine pass shortcomings offer lessons for other developers‘Incomplete threat modelling’ blamed for credential forgery vulnerability

Chips are down

Data breach at US hospitality chain may have leaked customer info07 September 2021Chips are downData breach at US hospitality chain may have leaked customer info

Russian retailer issues DEXP phone recall following security audit

06 September 2021Russian retailer issues DEXP phone recall following security auditElectronics retailer DNS issued the product recall after a security researcher published their findings last week

Letting off Steam

Valve promptly resolves ‘unlimited funds’ gaming wallet cheat13 August 2021Letting off SteamValve promptly resolves ‘unlimited funds’ gaming wallet cheat

Hopper

Researchers develop tool to detect lateral movement attacks30 July 2021HopperResearchers develop tool to detect lateral movement attacks

Entertainment tech provider D-Box recovering from ransomware attack

29 July 2021Entertainment tech provider D-Box recovering from ransomware attackCyber-attack ‘limited to internal systems’

Loyalty management tech firm Antavo launches bug bounty program on Hacktify

22 July 2021Loyalty management tech firm Antavo launches bug bounty program on HacktifyLondon-headquartered company seeks ‘outside perspective’ on AppSec

Coronavirus scams

Snake oil Covid-19 treatment sites seized by US authorities20 July 2021Coronavirus scamsSnake oil Covid-19 treatment sites seized by US authorities

FIN7 member sentenced

Ukrainian man imprisoned for his part in billion-dollar cybercrime campaign25 June 2021FIN7 member sentencedUkrainian man imprisoned for his part in billion-dollar cybercrime campaign

US supermarket chain Wegmans suffers data breach

21 June 2021US supermarket chain Wegmans suffers data breachPersonal information belonging to customers was available online since late April