Delaware, USA – April 2, 2018 – Last week, Gemini Advisory reported one of the most massive data card leakages. On Wednesday, March 28, adversaries from the JockerStash group announced a new batch of compromised payment cards, which they called BIGBADABOOM-2, and put up for sale in Darknet nearly 125,000 of the stolen 5 million. The researchers analyzed the data on payment cards and concluded that the leak occurred in Lord & Taylor and Saks Fifth Avenue stores, owned by Hudson’s Bay Company. These stores have been compromised at least since May 2017, almost all locations were in the US, while only three Saks Fifth Avenue locations are known to be compromised in Canada. Researchers at Gemini Advisory consider BIGBADABOOM-2 data breach to be the most dangerous, as it will be more difficult for banking anti-fraud controls to detect malicious operations with payment cards of luxury stores customers, also many compromised records belong to customers from other countries whose banks may not have sufficient anti-fraud protection.
JockerStash hacker group is known for its past productive operations against companies in North America and the subsequent sale of large batches of payment cards. One of the ways to protect your company against such data leak is the migration to more secure EMV POS terminals. Also, you can use your SIEM and actionable SOC Use Cases from Threat Detection Marketplace.