Sunday, March 19, 2017
You can’t close out that data breach file in just a few days or weeks.
Neiman Marcus has agreed to pay $1.6 million to resolve a data breach class action in Illinois federal court over a December 2013 cyber intrusion that revealed the credit card data of 350,000 shoppers of the luxury retailer, according to a court document filed Friday.
Read more on Law360 if you have a subscription. If you don’t have a subscription, don’t worry – I imagine other news outlets will also cover the settlement.
Past coverage of the breach and litigation on this site are linked from here. The case may best be remembered for the Seventh Circuit’s reversal of the district court’s dismissal of the lawsuit for lack of standing. Following that someone stunning reversal, the retailer failed to get the appeal reheard en banc, and then suffered a second loss back in district court when it also failed to get the case dismissed for failure to demonstrate negligence on their part.
I doubt most lawyers would have suggested that the retailer settle the suit when it was first filed, as most of these lawsuits that do not allege concrete injury actually did/do get dismissed for lack of standing. So Neiman Marcus chose not to settle at the outset, and... I wonder how much this litigation has cost them by now? And what’s the value of the bad press of keeping their name in headlines associated with customer complaints? With the benefit of hindsight, would they fight this all again?
Interesting from several perspectives. Does hacking the website make stealing the credit card information they are processing on another system easier?
Brian Krebs reports:
For the second time in the past nine months, Google has inadvertently but nonetheless correctly helped to identify the source of a large credit card breach — by assigning a “This site may be hacked” warning beneath the search results for the Web site of a victimized merchant.
A little over a month ago, KrebsOnSecurity was contacted by multiple financial institutions whose anti-fraud teams were trying to trace the source of a great deal of fraud on cards that were all used at a handful of high-end restaurants around the country.
Two of those fraud teams shared a list of restaurants that all affected cardholders had visited recently. A bit of searching online showed that nearly all of those establishments were run by Select Restaurants Inc., a Cleveland, Ohio company that owns a number of well-known eateries nationwide, including Boston’s Top of the Hub; Parker’s Lighthouse in Long Beach, Calif.; the Rusty Scupper in Baltimore, Md.; Parkers Blue Ash Tavern in Cincinnati, Ohio; Parkers’ Restaurant & Bar in Downers Grove, Illinois; Winberie’s Restaurant & Bar with locations in Oak Park, Illinois and Princeton and Summit, New Jersey; and Black Powder Tavern in Valley Forge, PA.
the breach involving Select Restaurant locations mentioned above appears to have been the result of an intrusion at the company’s POS vendor — Geneva, Ill. Based 24×7 Hospitality Technology. 24×7 handles credit and debit card transactions for thousands of hotels and restaurants, including more than 200 Buffalo Wild Wings franchises nationwide.
Read more on KrebsonSecurity.com.
[From the article:
From my perspective, organized crime gangs have so completely overrun the hospitality and restaurant point-of-sale systems here in the United States that I just assume my card may very well be compromised whenever I use it at a restaurant or hotel bar/eatery. I’ve received no fewer than three new credit cards over the past year, and I’d wager that in at least one of those cases I happened to have used the card at multiple merchants whose POS systems were hacked at the same time.
I think I have detected a trend.
I read this as proof that Japan is taking North Korea seriously. Somehow, I doubt North Korea see it the same way.
Japan holds first-ever evacuation drill simulating North Korean missile strike into waters nearby
Amid a growing missile threat from North Korea, the northern city of Oga, Akita Prefecture, held Japan’s first-ever evacuation drill for local residents, gaming out a scenario in which Pyongyang lobs a ballistic missile into the waters nearby.
Raspberry Pi Surges To 3rd Best Selling Computer Of All Time Surpassing The Commodore 64
… It must be noted, however, that this is kind of an odd comparison to make. During its heyday, the Commodore 64 cost a heck of a lot more than the $40 (or less) purchase price of today's RPis. In that regard, it makes perfect sense that a capable little all-in-one motherboard would sell far more units than a $600+ PC from 35 years ago. But the fact that RPi sold 12.5 million boards in 5 years is still downright impressive.