Technology 3 min read

Fin7 Hackers Steal 5 Million CC Numbers From Saks Fifth and Lord & Taylor

Jonathan Weiss /

Jonathan Weiss /

A notorious hacking syndicate has stolen data from over 5 million Saks Fifth Avenue and Lord & Taylor payment card customers.

In a blog article posted Sunday, cybersecurity and intelligence company, Gemini Advisory, confirmed that card data from more than 5 million customers had been stolen from luxury department stores Saks Fifth Avenue and Lord & Taylor.

According to the firm’s report, a certain JokerStash hacking syndicate known as Fin7 announced on March 28th the “release for sale” of the massive data haul containing hacked credit and debit card information.

Upon further investigation and in cooperation with different financial organizations, Gemini was able to confirm with a “high degree of confidence” that the stolen records were of Saks and Lord & Taylor’s shopping customers.

“On March 28, 2018, a notorious hacking JokerStash syndicate, also known as Fin7 announced the latest breach of yet another major corporation, with more than five million stolen payment cards offered for sale on the dark web,” Gemini reported.

“Several large financial institutions have confirmed that all tested records had been used before at Saks Fifth Avenue, Saks Fifth Avenue OFF 5TH, a discounted offset brand of luxury Saks Fifth Avenue stores, as well as Lord & Taylor stores.”

In a statement released by Hudson’s Bay Company, the Canada-based retail business group which operates both the luxury department stores, they confirmed that the hacking incident had occurred.

“We recently became aware of a data security issue involving customer payment card data at certain Saks Fifth Avenue, Saks OFF 5TH, and Lord & Taylor stores in North America. We identified the issue, took steps to contain it, and believe it no longer poses a risk to customers shopping at our stores,” the company wrote.

“While the investigation is ongoing, there is no indication that this affects our e-commerce or other digital platforms, Hudson’s Bay, Home Outfitters, or HBC Europe. We deeply regret any inconvenience or concern this may cause.”

This incident is considered one of the most costly data breaches in the history of the retail industry. It should be noted that Target also suffered from the same ordeal when around 40 million of its customers’ card information was stolen back in 2013.

Read More: Under Armour Hacked, 150 Million MyFitnessPal Accounts Compromised

The incident shows just how difficult it is to keep credit/debit card transaction systems secured despite multiple layers of security.

According to HBC, once they receive further information about the data breach, they will immediately get in touch with affected clients and will offer them free identity protection services including credit card and web monitoring.

To date, around 35,000 records from Saks Fifth Avenue and 90,000 from Lord & Taylor are offered for sale.

HBC is encouraging customers and patrons of the two retail stores to review their account statements and get in touch with their issuing banks quickly if they notice unknown activities or suspicious transactions in their account.

What do you think is the best way to secure credit or debit card payment information?

First AI Web Content Optimization Platform Just for Writers

Found this article interesting?

Let Chelle Fuertes know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.

Profile Image

Chelle Fuertes

Chelle is the Product Management Lead at INK. She's an experienced SEO professional as well as UX researcher and designer. She enjoys traveling and spending time anywhere near the sea with her family and friends.

Comments (0)
Most Recent most recent
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.