Gemini Advisory, a cybersecurity research firm, has reported that a cybercriminal ring has stolen more than five million credit and debit card details from North American stores of retail brands Saks Fifth Avenue and Lord & Taylor.

According to Gemini, the theft most likely involved data from May 2017 to present from the complete network of Lord & Taylor and 83 Saks Fifth Avenue outlets.

The firm added that majority of credit cards were obtained from New York and New Jersey locations.

Both Saks Fifth Avenue, including its discounted offset brand Saks Fifth Avenue OFF 5TH, and Lord & Taylor are owned by Canadian company Hudson’s Bay.

The company confirmed the breach but did not reveal any information on the extent or the number of customers impacted. It added that investigation is being carried out and its e-commerce sites appear to remain unaffected.

A Hudson’s Bay statement read: “We recently became aware of a data security issue involving customer payment card data at certain Saks Fifth Avenue, Saks OFF 5TH, and Lord & Taylor stores in North America.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“We identified the issue, took steps to contain it, and believe it no longer poses a risk to customers shopping at our stores.

“While the investigation is ongoing, there is no indication that this affects our e-commerce or other digital platforms, Hudson’s Bay, Home Outfitters or HBC Europe.”

If the current declared number of compromised cards is to be accurate, this attack can be considered among the biggest and most damaging ones to retail companies.