Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Businesses Security Software The Almighty Buck Technology

Malware Infected All Eddie Bauer Stores In US, Canada (krebsonsecurity.com) 50

New submitter alir1272 quotes a report from Krebs On Security: Clothing store chain Eddie Bauer said today it has detected and removed malicious software from point-of-sale systems at all of its 350+ stores in North America, and that credit and debit cards used at those stores during the first six months of 2016 may have been compromised in the breach. The acknowledgement comes nearly six weeks after Krebs On Security first notified the clothier about a possible intrusion at stores nationwide. "The company emphasized that this breach did not impact purchases made at the company's online store eddiebauer.com," reports Krebs On Security.
This discussion has been archived. No new comments can be posted.

Malware Infected All Eddie Bauer Stores In US, Canada

Comments Filter:
  • by Anonymous Coward

    Overpriced, snooty-assed brand...

  • Thank god for Slashdotters they aren't a big and tall store!

  • Is Eddie Bauer still a thing? I remember checking that place out years ago and never went back, nothing but a bunch of overpriced garbage.

    • by Nidi62 ( 1525137 )

      Is Eddie Bauer still a thing? I remember checking that place out years ago and never went back, nothing but a bunch of overpriced garbage.

      Eh, I buy Eddie Bauer t-shirts at Sam's for about $8 each. They aren't too bad. Not sure what they would cost at an actual Eddie Bauer store though.

      • by cdrudge ( 68377 )

        Not sure what they would cost at an actual Eddie Bauer store though.

        Judging from their website, at least $25.

      • Eh, I buy Eddie Bauer t-shirts at Sam's for about $8 each. They aren't too bad. Not sure what they would cost at an actual Eddie Bauer store though.

        Cheapest T-shirt costs $20~$23 on their web site [eddiebauer.com]. I am sure they are made-in-China which would cost them a couple dollars including shipping. $8 is still more expensive than other T-shirts (no name brand) I could find in Walmart. :p

        • I go to SE Asia once or twice a year and buy 10 or 20 t-shirts at $2 to $3 apiece. Same exact shirts you'll find in any major stores in the US, but bought locally a few kilometers from the source factory.

          I give some away (they have logos and stuff) but the rest I keep, so I now have a lifetime supply of t-shirts, lol.

          On another note, it's an incredible sight to see a couple thousand of the young Asian lady workers all exiting the factory en masse at the end of the day and riding back home on near-identical

    • Apparently with no competent IT department either.
  • by ddtmm ( 549094 ) on Friday August 19, 2016 @08:17AM (#52731743)

    ...credit and debit cards used at those stores during the first six months of 2016 may have been compromised in the breach.

    How is it that it went undetected by credit card companies and banks for so long? Surely they should have detected a pattern. I've always wondered why credit card companies don’t seem to care about fraud. It's like they have no interest in getting to the bottom of it.

    • by HungryMonkey ( 1887382 ) on Friday August 19, 2016 @08:35AM (#52731815)
      Six months is probably from the oldest infected file date. Given that it was at every location, there is a good chance they didn't do anything with the information obtained until it has spread across the network. And even then, they may have let it sit and gather data for a while before they sold anything on the assumption that once they started to act it wouldn't take long to be shut down.
    • by tomhath ( 637240 ) on Friday August 19, 2016 @08:40AM (#52731845)
      FTFA

      On July 5, 2016, KrebsOnSecurity reached out to Bellevue, Wash., based Eddie Bauer after hearing from several sources who work in fighting fraud at U.S. financial institutions. All of those sources said they’d identified a pattern of fraud on customer cards that had just one thing in common: They were all recently used at some of Eddie Bauer’s 350+ locations the U.S. The sources said the fraud appeared to stretch back to at least January 2016.

      How is it that the article says they did detect a pattern but you didn't notice it? Surely you read the article before posting a question like that.

      • by PPH ( 736903 )

        Surely you read the article before posting ...

        I'm beginning to detect a pattern here.

      • My question is why was it KrebsOnSecurity who told Eddie Bauer they had a problem and not the banks and cc companies?

        On July 5, 2016, KrebsOnSecurity reached out to Bellevue, Wash., based Eddie Bauer after hearing from several sources who work in fighting fraud at U.S. financial institutions. All of those sources said theyâ(TM)d identified a pattern of fraud on customer cards that had just one thing in common: They were all recently used at some of Eddie Bauerâ(TM)s 350+ locations in the U.S. The

    • by Anonymous Coward

      I've always wondered why credit card companies don’t seem to care about fraud. It's like they have no interest in getting to the bottom of it.

      That's because credit card companies HAVE NO INTEREST in getting to the bottom of it. When cards are used fraudulently, the bank is only liable for the cost of a replacement card and some postage. The cost of fraud is largely on merchants who accepted the cards and had chargebacks from the real customers.

  • I though of:

    Eddie? Keees me goodnight!

    Let's see who gets that reference....

    • Topo Gigio!

      Oy, I'm old. :(

      • Topo Gigio!

        Oy, I'm old. :(

        TaDAH!!!! You win. I was just a kid at the time, but I remember old Topo.

  • by Anonymous Coward

    these sorts of things simply didn't happen when the credit card machines were hooked directly up to a phone line. swipe, authorize, print, sign, done.

    the same thing COULD still be done with the "new" chip cards (chip and sign, chip and pin, or debit or gift card for that matter), if merchants and credit card companies weren't so fucking clueless.

    yes, they still make those devices, and yes, the new ones do the new cards and some can even still do dial-up.

    merchants should be 100% accountable for every single

  • by JustAnotherOldGuy ( 4145623 ) on Friday August 19, 2016 @11:39AM (#52732953) Journal

    And ten million hipsters cried out in terror, as if there had been a great disturbance in the supply of flannel lunberjack shirts.

  • "...credit and debit cards used at those stores during the first six months of 2016 may have been compromised in the breach"

    I set fire to your house and burned it to the ground. There may have been some smoke damage.

  • I personally know some of the IT workers at Eddie Bauer and they're incompetent morons that have no business working in IT. They have impressive resumes and absolutely no practical, real-world IT skills whatsoever. I was going to pursue a job there but after looking into it, I didn't even bother applying.
  • I thought that Sears bought the Eddie Bauer Brand about 7 years ago, and were going to integrate those products into their regular stores.

    News for Nerds: Eddie Bauer still has over 350 brick-and-mortar stores in North America.

    Who knew? Where should we go for our khakis now?

  • yes, Eddie, like nearly all those that have been cracked, runs windows and outsourced to India, some parts. I'm not certain, where, but I will put money down, that India has access to the POS and handle the Sys. Ad.
    Some of you will scream that this is racists. You are right, but not on my part, but on yours.
    The fact is, that when you pay somebody 1/10 of what you pay normally, and you have enemies that have easy access to these employees, well, all they have to do is offer 10-20x what you were paying. IO

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

Working...