PodcastsJan 12, 2026
The latest poscasttest
MajorsApr 03, 2018
Saks, Lord & Taylor the Latest Hit by Hackers
They reportedly gained access to the retailers’ cash register systems to steal payment card data from more than 5 million customers.
Hudson’s Bay Company announced Sunday that hackers had gained access to the debit and credit card numbers of customers at two of its retailers--Lord &Taylor and Saks.
New York--Saks Fifth Avenue and sister retailer Lord & Taylor just joined the long list of large companies that have been hacked.
On Sunday, parent company Hudson’s Bay Co. issued a short statement confirming that it had become aware of a “data security issue” involving the credit and debit card numbers of customers who shopped at certain Saks Fifth Avenue, Saks Off 5th and Lord & Taylor stores in North America.
While the investigation is ongoing, HBC said it doesn’t appear the breach impacted customers who shopped at any of its other stores or online, including on Gilt.com.
“The company deeply regrets any inconvenience or concern this might cause,” the statement reads. “Once the company has more clarity around the facts, it will notify customers quickly and will offer those impacted free identity protection services, including credit and web monitoring.”
HBC did not release any specifics about the number of consumers or location of stores impacted, but in a blog post also published Sunday, Gemini Advisory pinned the attack on a cybercrime syndicate known as JokerStash or Fin7.
The cybersecurity research firm said Fin7 announced March 28 it would be releasing for sale more than 5 million stolen debit and credit card numbers on the dark web, and already has put about 125,000 out there.
Fin7 didn’t say where it obtained the numbers, but Gemini said it confirmed with a “high degree of confidence” that the numbers came from Saks Fifth Avenue and Lord & Taylor. It estimated the breach occurred between May 2017 and now, impacting all Lord & Taylor and 83 Saks stores mainly in New York and New Jersey.
The research firm said it is “among the most significant credit card heists in modern history.”
A spokesperson for HBC declined to comment on Gemini’s statement.
Cybercrime is a growing problem for retailers, including retail jewelers.
In its recently released annual crime report for 2017, the Jewelers Security Alliance noted a “large dollar increase” in thefts by deception and impersonation made possible by the internet, with the average loss from this type of incident topping $1 million.
JSA President John J. Kennedy called it a “dangerous and growing crime trend” for the industry.
On Monday, he offered a number of cybersecurity tips for retailers. Some, he noted, might involve hiring an IT consulting firm.
Kennedy said retailers need to have proper firewalls and up-to-date anti-malware software for all systems, and they need to avoid visiting “questionable and risky sites.”
Jewelers
Editors' Picks
Sponsored by
also need to educate their staff on the common mistakes made that let hackers in.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
Kennedy said one of the main methods cybercriminals employ is social engineering, in which they use various methods to win the trust of the company’s employees in order to gain unauthorized access to its IT system.
(The New York Times reported this is what was used by the hackers who targeted Saks and Lord & Taylor. The credit and debit card numbers were stolen via software implanted into the stores’ cash register systems that, most likely, was installed through phishing emails sent to HBC employees.)
He said staff need to be told, or reminded, not to open or click into unknown or suspicious emails.
They also need to be aware that emails can be spoofs—which use the exact email address of known individuals—or come from someone who has obtained an email address that is very similar to, but not exactly the same as, a known party’s address. They need to look for foreign domains, misspellings and other anomalies in emails.
When a transaction is involved, Kennedy recommends calling the person on the phone to confirm that it is not a fraud.
He also recommends having a written cybersecurity policy employees have to read and sign, and having regular staff meetings that include reviews of the company’s cybersecurity protocols.
More on Majors
The Latest
Weekly QuizOct 03, 2024
This Week’s QuizTest your jewelry news knowledge by answering these questions.
PodcastsJan 12, 2026
Introducing My Next Question, the PodcastA monthly podcast series for jewelry professionals
Brought to you by
Navigating Cybersecurity: Essential Guidance for JewelersFrom protecting customer data to safeguarding inventory records, it's crucial to learn how to tackle cybersecurity challenges.
PodcastsNov 27, 2025
Test Podcast With VideoTest Podcast With Video. New interview with Ada Lovelace.
PodcastsNov 25, 2025
Test New Podcast PostAbstract for tests. New Podcast interview with John Lennon, Jimi Hendrix and Jim Morison.
ColumnistsOct 09, 2024
Peter Smith: 7 Things to Know When Selling LuxuryAhead of the holiday season, Smith delves into the often subconscious reasons people buy luxury products for themselves or their loved ones.
AuctionsOct 09, 2024
Rolex Worn on Apollo 14 Mission Up for SaleThe GMT-Master “Pepsi” belonging to astronaut Edgar Mitchell is a standout in RR Auction’s online “Space Auction,” going on now.
MajorsOct 09, 2024
PGI Launches New Virtual Sales TrainingRetail sales associates can access the video series on mobile to refresh their selling skills.
Policies & IssuesOct 09, 2024
GJNRF: Reaching Out, Rebuilding Futures For 25 years, India’s Gem & Jewellery National Relief Foundation has provided aid in the wake of war, natural disasters, and global crises.
AuctionsOct 08, 2024
Sotheby’s Selling Jewelry That Belonged to a Bulgarian TsarThe November auction will feature a collection of jewels owned by Ferdinand I, the first king of modern Bulgaria, and his family.
SourcingOct 08, 2024
Rio Tinto Begins New Phase of Production That Will Extend Diavik’s LifeCommercial production has begun underground at the Canadian diamond mine’s A21 pipe.
SurveysOct 08, 2024
What to Know About Online Shopping This Holiday SeasonDeloitte and Adobe Analytics shared their insights on the season, from the retail sales forecast to the role of generative AI.
CollectionsOct 08, 2024
Sylvie Adds New Men’s BandsThe Texas-based jeweler collaborated with luxury clothing brand Uncommon Man on men’s bands designed with European influences.
SourcingOct 08, 2024
Is Current Diamond Industry Turbulence Shaping a ‘New Normal’? Industry players have found ways to cope with market conditions while working to reshape themselves in the face of emerging realities.
SourcingOct 07, 2024
Rio Tinto to Offer 76 Diamonds in 2024 Beyond Rare Tender The sales event, in its second year, features a selection of rare diamonds from the miner’s Argyle and Diavik diamond mines.
CollectionsOct 07, 2024
Olympian Kristi Yamaguchi Partners With Heller Jewelers on New CollectionA portion of the proceeds from the “Always Dream” collection will go to Yamaguchi's foundation, supporting early childhood literacy.
SurveysOct 07, 2024
Hill & Co.’s New ‘Business of Jewelry Report’ Is OutThe first in what is slated to be a series of in-depth reports from the consulting company, it focuses on shortening supply chains.
