Sears Denies Breach

Retailer Says Systems Show No Evidence of Compromise
Sears Denies Breach

On Feb. 28, Bloomberg News and others reported that a possible breach at Sears Holding Corp. was being investigated by the Secret Service. Sears, which also owns Kmart, mygofer, Shop Your Way and Land's End, says it has not confirmed a breach.

See Also: How to Hunt Threats Like Elite Defenders with Open NDR + MITRE ATT&CK®

In a statement e-mailed to Information Security Media Group, Sears says it is reviewing its systems and has found nothing to date to indicate its network has been attacked.

"There have been rumors and reports throughout the retail industry of security incidents at various retailers, and we are actively reviewing our systems to determine if we have been a victim of a breach," the statement reads.

But other industry sources tell Information Security Media Group that some card issuers are suspecting a breach of credit and debit cards that have been used at the Hoffman Estates, Ill.-based retailer. It's also not clear if there is any connection to be made between some of this new activity and the breach at Target Corp., which ultimately is believed to have compromised some 40 million U.S. payment cards, the executive adds.

"There is so much overlap in the population with other breaches that it's difficult to know at this early date which one is causative," the executive says. It's also too early to know whether card transactions conducted with other brands owned by Sears also were impacted, the executive says.

Financial fraud expert and Gartner Research analyst Avivah Litan says Sears is one of the two retailers rumored earlier this week during RSA Conference 2014 to have been breached. "But it was just speculation among industry players," Litan says. "I didn't hear anything about any fraud that happened because of it."

Rumors of Others Attacked

On Feb. 27, Litan said she was hearing rumors that two additional retailers, one in Europe and one in the U.S., had been breached.

Later that day, Verizon Communications Inc. confirmed it was reviewing two apparent retail breaches that may be linked to recent high-profile incidents, including the Target attack. Bryan Sartin of Verizon's Enterprise Solutions unit reportedly told the Wall Street Journal he couldn't disclose who the two retailers are.

About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by, ABC News, and MSN Money.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.