Earlier this year Target admitted that it had experienced a data breach during the 2013 holiday shopping season, during which more than 70 million credit cards were exposed to hackers. Soon after, we learned that Neiman Marcus was also subject to an attack. Now, another retailer, Sears, is in the spotlight.
According to a report published by Bloomberg on Friday, the United States Secret Service is currently investigating an attack on Sears. The retailer has so far not confirmed whether or not it was victim to a cyber attack, and the scale of the rumored attack is unclear. The company did, however, confirm that it’s checking to see if anything fishy occurred.
“There have been rumors and reports throughout the retail industry of security incidents at various retailers, and we are actively reviewing our systems to determine if we have been victim of a breach,” a Sears spokesperson told Bloomberg. “We have found no information based on our review of our systems to date indicating a breach.”
Of course, the problem with that statement is that Sears indeed might not know if a breach happened. In the case of the Target breach, hackers used credentials from a third-party HVAC team to gain back door access to the retailer’s credit card system. The same could have happened at Sears, unbeknownst to its security team.
The Secret Service may be getting involved in an effort to identify who has been hacking U.S. retailers in general – though this is the first time we’ve heard Sears included in the investigations. So far, research from cyber security expert Brian Krebs has suggested the attacks are originating in eastern Europe and western Asia.