Kmart - Popular US Retailer Suffers Major Security Breach

Securityweek.com reported on 10th October, 2014 stating that Kmart is the latest large retailer of U.S. to have experienced a data breach of its online payment machines and have joined a fast developing club dealing successful hack attempts causing exposure of customer data along with payment card information.

The company operating 1,152 locations as on 1st Feb. 2014 said on Thursday, 9th October, 2014 that its IT team detected the breach in its online payment systems and quickly initiated an investigation.

Securityweek.com published a report on 10th October, 2014 quoting a statement as "Our investigation till date indicates that breach started in early September. According to security experts with whom we have been working, the payment data systems of our Kmart store were polluted with a version of malware which was not detectable by current AV solutions. Although quickly removed the malware, we think credit and debit card numbers have been hijacked."

Kmart added that customers of Kmart.com do not seem to be strongly affected.

The retailer said that it was working closely with federal law enforcement agencies, i-bankers and other IT security vendors as part of the ongoing probe.

Theregister.co.uk published news on 12th October, 2014 quoting Alasdair James, President and Chief Member Officer of Kmart as saying "I earnestly apologize for any trouble which it may cause to our customers and members."

Kmart confirmed that affected customers who reported any fraudulent purchases would not be liable if they reported about the activity on time though it did not give any specific time frame.

Numerous breaches of data of companies like Home Depot Inc. (HD), Target Corp. (TGT) and Neiman Marcus Group Ltd. have persuaded retailers to strengthen security regarding database and credit-card processing. Concerns regarding cyber infiltration have increased all over the nation after JPMorgan Chase & Co. recently revealed that an attack by cybercriminals exposed contact details of 76 million customers and 7 million small time enterprises.

Theregister.co.uk reported on 12th October, 2014 quoting Tom Kellermann, Chief Cybersecurity Officers of Trend Micro as saying "It's debatable whether Kmart had enough security to prevent these thefts and the actual question is why they have not learnt the lessons from intrusions on Target and others."

» SPAMfighter News - 10/20/2014