• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » News » JokerStash Syndicate Hacks 5M Credit Cards

JokerStash Syndicate Hacks 5M Credit Cards

2018-04-09 by Michelle Dvorak

JokerStash Syndicate Hacks Hudson’s Bay Credit Cards

Credit card numbers from an estimated five million Hudson’s Bay customers were stolen during an almost three -year long cyber security breach. The credit card number were compromised by hacking into the point-of-sale systems (cash registers) at over 100 Hudson Bay’s brand stores. Hudson’s Bay Company owns the retail chains Saks Fifth Avenue, Lord & Taylor, and Saks OFF 5TH brands. The cyber security breach only involves in-store purchases. Customers who shopped online via the brand websites are not believed to be affected.

The group believed responsible for the theft is a hacker group known as JokerStash. Credit card data was lifted from Saks Fifth Avenue, Lord & Taylor, and Saks Off 5th Avenue in-store sales dating from May 2017 to present day 2018.

Hackers typically steal credit card and personal information and then sell the data through various outlets including the dark web. Customers of high-end retail stores like Saks and Lord & Taylor in the tri-state are assumed to have high credit limits. Purchases of expensive items such as electronics, smartphones, and laptops could easily go undetected by security algorithms.

On 28 March 2018 JokerStash announced that the five million stolen credit and debit cards would be available for sale. According to Gemini Advisory, about 125,000 of those credit cards have been put up for sale on the dark web so far.

Hudson’s Bay is a Toronto, Canada based retail business group with origins in fur trading. Hudson’s Bay operates retail stores in Canada, the United States, and Europe.

JokerStash hacked credit cards from several other retailers besides Hudson’s Bay Company and is responsible for the Chipotle Mexican Grill hack and Trump hotels.

According to the Gemini Advisory report, most of the card numbers were hacked from New York and New Jersey stores.

Estimated Window of Compromise: May 2017 – Present
Top-5 Saks Fifth Avenue Compromised Locations:
Number of exposed retail stores: 83

  • The Outlets at Bergen Town Center Paramus, NJ
  • The Gallery at Westbury Garden City, NY
  • King of Prussia King of Prussia, PA
  • Bridgewater Bridgewater, NJ
  • Braintree Braintree, MA

Number of Credit Cards for Sale: Approximately 35,000

Top-5 Lord & Taylor Compromised Locations:
Number of exposed retail stores: 51

  • Fifth Avenue New York, NY
  • Garden State Plaza Paramus, NJ
  • Eastchester Scarsdale, NY
  • Garden City Garden City, NY
  • Freehold Raceway Mall Freehold, NJ

Number of Credit Cards for Sale: Approximatel90,000

Filed Under: News Tagged With: credit card, JokerStash

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version