
May 3, 2017

Stolen financial data at the center of breaches in April 2017

By Lookout


With our Breach Report feature, Lookout tracks breaches at companies and services that may impact customers. Breach Report looks at the largest companies globally and reports on their breaches to give customers the most relevant information. It also provides remediation actions to help keep them safe. Interested in getting Breach Report? Upgrade to Premium now.

Criminals breached a number of well-known companies this month including Chipotle, Gamestop, and Intercontinental Hotel Group. A common thread: stolen credit card data.

Stealing data for profit

Monetary gain is one of the most common reasons why we see attackers breaching companies. Criminals breach companies to steal people's credit card information and other personally identifiable information that they can sell on the dark web to turn a profit. They may also choose to use that information themselves to commit identity theft.

This month, we specifically saw a significant increase in the instances of stolen financial data, representing a 260 percent jump from March, a 120 percent jump from February, and a 450 percent jump from January of this year. Of course, the industry often only knows what the breached companies publicly report, but it shows that interest in targeting financial data is not dying down any time soon.

Chipotle is the latest example of point-of-sale credit card theft. Often, when attackers compromise a POS system, they do so by installing malware on the servers that process credit and debit card sales; the malware then exfiltrates that data to an attacker-controlled server.

Chipotle said in a statement to customers, "We want to make our customers aware that we recently detected unauthorized activity on the network that supports payment processing for purchases made in our restaurants. ... We believe actions we have taken have stopped the unauthorized activity, and we have implemented additional security enhancements."

The company further explained that the transactions likely occurred between March 24, 2017 and April 18, 2017.

Intercontinental Hotel Group also issued a new statement, following up on its February breach announcement, showing that many more properties were impacted by point-of-sale malware than it originally thought. The company initially believed the breach had impacted a dozen locations. You can find a list of the breached locations here.

Gamestop is separately investigating a credit card breach; however, this one seems to be associated with credit card payments made through the company's website.

Overall trends

[Figure: graph of total reported companies breached]

There were 23 companies breached in April, and 11,550,326 instances of compromised personal data. Home Depot was another household name compromised in April; around 8,000 customers reportedly had personal information breached. Many of the others were in the gaming/entertainment industries, as well as the education sector.

[Figure: graph of reported data-types breached]

By far, financial data, full names, and email addresses were the most common types of data breached in April. 

How to stay safe

All of this information can be used for monetary gain. Thankfully, in the case of identity theft and credit card fraud, individuals have many resources at their fingertips to help them stay safe. Here are a few tips:

  1. Check your bank statements regularly. Many banks do alert their customers to potential fraud in a timely manner, but you know your spending habits better than anyone else. Make sure there isn't anything fishy going on and if there is, contact your financial institution immediately.
  2. Been involved in a previous data breach? Many companies offer additional credit monitoring. Take advantage of this. The more coverage, the better.
  3. Sign up for an identity protection service that can monitor your personal details and send you alerts if they ever show up on the dark web.

Interested in learning more? Watch this video of people giving their personal testimonies about experiencing identity theft and check out the Lookout personal product.