Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
News
See Security headlines »

Related Companies

Securities Industry and Financial Markets Association (SIFMA) JPMorgan Chase

Channels

Regulation & Compliance Retail banking Security Payments Wholesale banking

Keywords

Cards
Staples investigates data breach; Moscow cleared of JPMorgan hack

Staples investigates data breach; Moscow cleared of JPMorgan hack

Office supply retailer Staples has become the latest firm to reveal that it is investigating a possible data breach that could leave customer payment card details at risk.

The company was jolted into confirming that it has called in law enforcement by a report from security blogger Brian Krebs which disclosed that banks have identified fraud patterns indicating that several of its outlets in the north east of the US have been hit by hackers.

The possible breach is the latest in a long line at some the biggest retailers in the US over the last year. It is nearly a year since the Target attack first came to light, since when Neiman Marcus, Home Depot and, most recently, Sears-owned Kmart have all admitted their own breaches.

The spate of attacks has given urgency to the US's adoption of EMV chip technology. On Friday Barack Obama did his part, signing an executive order mandating the use of chip and PIN at executive departments and agencies for card payments.

Meanwhile, authorities are trying to find the culprits behind the attacks. In the case of one breach, at JPMorgan Chase, the FBI and Secret Service have now ruled out a potential hacker - the Russian government.

Speculation that Moscow may have been behind the attack - which saw the personal information of more than 80 million customers stolen - bubbled up in August as tension between Russia and the US grew over the Ukraine crisis. However, authorities now think that common cybercrooks were responsible.

With cybersecurity now a huge priority for the financial services industry, the US securities trade body Sifma has set out its own recommendations on what the industry and government can do to tackle the problem.

Sifma is calling on the government to embrace its responsibility to protect the business community and to listen to the industry when developing agency guidance. Despite insisting it takes the threat seriously, the body says that the resources of firms must be considered when guidance is shaped and that it must "flexible, scalable and practical". Concerns about secrecy are also aired, with the paper insisting that information sharing is limited to "respect firms' confidences".

The US government is facing plenty of fire from hackers itself, figures from its accountability office show. Federal agencies reported 48,562 cybersecurity incidents in 2012, up 782% on 2006. The office's Watch Blog notes that 24 federal agencies had information security weaknesses in key control categories such as supply chain issues.

Related Companies

Securities Industry and Financial Markets Association (SIFMA) JPMorgan Chase

Channels

Regulation & Compliance Retail banking Security Payments Wholesale banking

Keywords

Cards

Sponsored: [Upcoming Webinar] Instant Payments and their impact on the fraud landscape

Comments: (1)

A Finextra member
A Finextra member 21 October, 2014, 18:07Be the first to give this comment the thumbs up 0 likes

The USA is now subject to market compression....    asone of the last places that fraudsters can easily collect large numbers of card numbers that can then be used either online or in a white plastic format, it is inevitable that the Crims will gather for a final feeding frenzy before EMV is implemented...   

Even naysayers against the business case for EMV are coming round, the watermarked mag stripes and other interim defence measures are being thrown away as the US Cards industry  runs for EMV cover.    Lets hope the costs in consumer confidence are not too high and that the US Industry realises that CAT's are one of the benefits that EMV can bring to help pay for the changeover

Report abuse
Join the discussion

sponsored

JPMorgan Chase

Write a blog post about this story (membership required)

[New Survey Report] Definitive Differentiators - Forging a future-proof payments model[New Survey Report] Definitive Differentiators - Forging a future-proof payments model

Trending

Related News
Obama signs chip and PIN executive order

Obama signs chip and PIN executive order

Crook dumps Target card details on Russian forum

Crook dumps Target card details on Russian forum

Half of US POS terminals to accept chip cards by end of 2015

17 Oct 2014

Kmart joins retailer hall of infamy following eftpos hack

13 Oct 2014

POS manufacturer breach puts cards at risk

29 Sep 2014

DTCC and FS-ISAC light a beacon in the fight against cyber-invaders

25 Sep 2014

Home Depot says 56 million payment cards compromised in breach

19 Sep 2014

Trending

  1. Lloyds Bank cuts risk dept headcount

  2. UK government announces open finance task force

  3. Lloyds warns against fraudsters on Booking.com and Airbnb

  4. Chips migrates to ISO 20022 message format

  5. Santander brings Openbank digital brand to US

Research
See all reports »
The Future of UK Fintech - 2015-2035

The Future of UK Fintech - 2015-2035

Definitive Differentiators - Forging a future-proof payments model

Definitive Differentiators - Forging a future-proof payments model

APP Fraud Liability: A Guide for Banks

APP Fraud Liability: A Guide for Banks