Last Thursday the JokerStash "hacking syndicate" (also known as "Fin7") began offering more than 5 million payment cards for sale in dark web souks. The cards appear to have been compromised in a breach of retailers Saks and Lord and Taylor, both department store chains owned by the Toronto-based Hudson's Bay Company. The breach was disclosed yesterday, April 1, 2018, in a blog post by Gemini Advisory that was subsequently confirmed by the Hudson's Bay Company. Gemini Advisory believes that compromise dates back to May 2017 and has continued into this month. Most of the card data are thought to have been stolen from customers in New York and New Jersey. 125 thousand records have been released for sale so far; the rest are expected to appear on the black market within the next few months. Hudson's Bay tersely says it's addressed problems in its network security, continues to investigate, and plans to offer affected customers the usual sorts of post-breach assistance, including "free identity protection services, including credit and web monitoring."
The SamSam ransomware attack against Atlanta's municipal systems is proving distinctly difficult to remediate. The city is still struggling to recover, and other cities of comparable size are rightly spooked by the prospect that they might be next. Investigation continues.
City and regional governments in many countries appear to have become attractive targets for criminal hackers. The automatic meter reading system of Haryana power utilities in Panchkula, India, was raided last week, the hackers demanding ransom for data.