Monday, September 25, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • Axiad and Okta Partner to Revolutionize Authentication with Phishing Resistant MFA
  • Cyber Week 2023 & The Israel National Cyber Directorate Presents - Watch Live: Cyber - Week 2023 - Main Plenary, Day 2
  • Data Breaches from MOVEit Zero-Day Still Piling Up
  • Unlock Cyber Security as a Service: 2023 Insights!
  • More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator
Data Security SBN News Security Bloggers Network Threats & Breaches 

Home » Cybersecurity » Data Security » Macy’s, Bloomingdales Alert Online Customers of Data Breach

SBN

Macy’s, Bloomingdales Alert Online Customers of Data Breach

by Maritza Santillan on July 10, 2018

Macy’s is notifying customers of a data breach involving unauthorized access to their payment card data and personal information.

AWS Builder Community Hub

In a notice sent to affected customers, Macy’s said it first detected suspicious login activity from certain Macys.com accounts on June 11, 2018.

“Based on our investigation, we believe that an unauthorized third-party – from approximately April 26, 2018, through June 12, 2018 – used valid customer user names and passwords to login to customer online profiles,” the retailer said.

The breach also appears to affect customers who shopped on Bloomingdales.com, which is owned by Macy’s.

Compromised information included customer names, home addresses, phone numbers, email addresses and birthdays, as well as debit or credit card numbers with expiration dates.

However, no CVV or Social Security numbers were impacted.

In response to the breach, Macy’s said it has blocked profiles with suspicious logins, advising customers to update their account passwords in order to regain access.

“We have reported relevant debit and credit card numbers to Visa, Mastercard, American Express, and Discover. We have also added additional security rules around website login,” said Michael Gatio, president of Macy’s credit and customer services.

The retailer added that it believes the unauthorized third-party obtained the stolen credentials from a source other than Macy’s.

Although the company did not specify the extent of the data breach, it said only “a small number” of Macys.com and Bloomingdales.com customers were involved.

In the meantime, customers are advised to monitor their account statements closely for any unauthorized activity.

“You should remain vigilant for incidents of fraud and identity theft, including by regularly reviewing account statements and monitoring credit reports,” the company said.

Macy’s joins a long list of major retailers that have recently fallen victims to data breaches, including Adidas, Under Armour, (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Maritza Santillan. Read the original post at: https://www.tripwire.com/state-of-security/latest-security-news/macys-bloomingdales-data-breach/

July 10, 2018July 10, 2018 Maritza Santillan Data breach, Latest Security News, Macy's
  • ← SAP Security Notes July ‘18: Re-released Hot News and the Rise of Security Notes
  • Top 5 (Deliberately) Vulnerable Web Applications to Practice Your Skills On →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Thu 28

A Guide to Smart Dependency Management

September 28 @ 12:00 pm - 1:00 pm
Oct 03

Way Too Vulnerable: Uncovering the State of the Identity Attack Surface

October 3 @ 11:00 am - 12:00 pm
Oct 11

ASPM: Leveling the AppSec Playing Field

October 11 @ 1:00 pm - 2:00 pm
Oct 16

Shadow Access: Where IAM Meets Cloud Security

October 16 @ 3:00 pm - 4:00 pm
Oct 17

Securing Cloud-Native Applications Across the Software Development Life Cycle

October 17 @ 11:00 am - 12:00 pm
Oct 18

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

October 18 @ 12:00 pm - 1:30 pm
Oct 19

Managing Security Posture and Entitlements in the Cloud

October 19 @ 1:00 pm - 2:00 pm
Oct 24

When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig

October 24 @ 11:00 am - 12:00 pm
Oct 24

Reporting From the Pipeline: The State of Software Security in DevOps

October 24 @ 1:00 pm - 2:00 pm
Oct 30

Zero-Trust

October 30 @ 1:00 pm - 2:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

GitLab Releases Urgent Security Updates for Critical Flaw
How Threat Hunting can Strengthen Your Cybersecurity Posture
Gaming, Financial Services Apps Under Attack
China Accuses US of Years of Cyber-Spying, Malware Campaigns
More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator
Helpdesk Telephone Attack: How to Close Process and Technology Gaps
Improve Your Organization’s Cloud Infrastructure with PeoplActive’s Cloud Consulting Services
A Guide to Understanding the Three CMMC Levels
The Role of AI and Machine Learning in Strengthening Cloud Security
Email Intelligence Dashboard

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Industry Spotlight

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator
Analytics & Intelligence API Security Application Security AppSec Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Deep Fake and Other Social Engineering Tactics Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Insider Threats Malware Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Social Engineering Software Supply Chain Security Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust 

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator

September 25, 2023 Richi Jennings | Yesterday 0
Google: Chromebooks Will Get 10 Years of Software, Security Updates
Application Security Cybersecurity Data Security Endpoint Featured Industry Spotlight Malware Mobile Security Network Security News Security Boulevard (Original) Spotlight 

Google: Chromebooks Will Get 10 Years of Software, Security Updates

September 19, 2023 Jeffrey Burt | Sep 19 0
Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware
Cloud Security Cybersecurity Data Security Featured Identity & Access Industry Spotlight Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threats & Breaches 

Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware

September 18, 2023 Jeffrey Burt | Sep 18 0

Top Stories

Data Breaches from MOVEit Zero-Day Still Piling Up
Cybersecurity Data Security Featured Incident Response Malware Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

Data Breaches from MOVEit Zero-Day Still Piling Up

September 25, 2023 Jeffrey Burt | Yesterday 0
Qakbot Takedown Resembles Hack Back, Will Botnet, Malware Be Resurrected?
Analytics & Intelligence Application Security Cyberlaw Cybersecurity Data Security Featured Governance, Risk & Compliance Incident Response Malware News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Qakbot Takedown Resembles Hack Back, Will Botnet, Malware Be Resurrected?

September 25, 2023 Teri Robinson | Yesterday 0
China Accuses US of Years of Cyber-Spying, Malware Campaigns
Cybersecurity Data Security Featured Identity & Access Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches 

China Accuses US of Years of Cyber-Spying, Malware Campaigns

September 22, 2023 Jeffrey Burt | 3 days ago 0

Security Humor

Ahmed El-Tantawy

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.