Uh-Oh. Malware Got Eddie Bauer

It looks like we have another retail data breach – and this one was a doozy.  According to reports emerging in Krebs On Security, Eddie Bauer has been totally compromised in the U.S. and Canada.

By totally compromised, we mean that malicious code seems to have found its way in to all of Eddie Bauer’s systems. Add that up by the numbers – and it becomes clear a lot of information has been potentially taken. As of writing this article, Eddie Bauer owns software from point-of-sale systems at 350+ stores in North America.

Though there is no official confirmation – it seems that credit and debit cards used at those stores during the first six months of 2016 may have been the target of the breach. Eddie Bauer acknowledged their systems impregnation with malware about six weeks after Krebs On Security reached out to inform them of a possible data breach. The scope of the fraud seems to go all the way back to the very beginning of the year in January 2016.

At the time, the retailer noted that they were glad for the outreach, but had not noticed anything indicative of a breach. That story changed somewhat yesterday once the news of the hack become common knowledge.

“While not all transactions during this period were affected, out of an abundance of caution, Eddie Bauer is offering identity protection services to all customers who made purchases or returns during this period,” the company said in a press release issued directly after the markets closed in the U.S. today.




Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

Click to comment