Uh-Oh. Malware Got Eddie Bauer

It looks like we have another retail data breach – and this one was a doozy.  According to reports emerging in Krebs On Security, Eddie Bauer has been totally compromised in the U.S. and Canada.

By totally compromised, we mean that malicious code seems to have found its way in to all of Eddie Bauer’s systems. Add that up by the numbers – and it becomes clear a lot of information has been potentially taken. As of writing this article, Eddie Bauer owns software from point-of-sale systems at 350+ stores in North America.

Though there is no official confirmation – it seems that credit and debit cards used at those stores during the first six months of 2016 may have been the target of the breach. Eddie Bauer acknowledged their systems impregnation with malware about six weeks after Krebs On Security reached out to inform them of a possible data breach. The scope of the fraud seems to go all the way back to the very beginning of the year in January 2016.

At the time, the retailer noted that they were glad for the outreach, but had not noticed anything indicative of a breach. That story changed somewhat yesterday once the news of the hack become common knowledge.

“While not all transactions during this period were affected, out of an abundance of caution, Eddie Bauer is offering identity protection services to all customers who made purchases or returns during this period,” the company said in a press release issued directly after the markets closed in the U.S. today.



Latest Insights: 

The Which Apps Do They Want Study analyzes survey data collected from 1,045 American consumers to learn how they use merchant apps to enhance in-store shopping experiences, and their interest in downloading more in the future. Our research covered consumers’ usage of in-app features like loyalty and rewards offerings and in-store navigation, helping to assess how merchants can design apps to distinguish themselves from competitors.

Click to comment


To Top