As high-profile data breaches at Neiman Marcus, Target, Michaels and other retailers have left consumers wondering if their information is safe, hackers continue to compromise company records for personal gain.
Recently, Goodwill Industries has teamed up with federal authorities to investigate a potential security breach. The nonprofit organization was notified by a payment card fraud unit that customer card numbers may have been compromised. Goodwill is working with credit card companies, the Secret Service and fraud investigators to confirm if there was actually a breach in one or more of its 2,900 stores.
Additionally, StubHub, the ticket marketplace owned by eBay, was also targeted by a ring of cybercriminals. Rather than breaching the company's databases, however, this fraud targeted customer accounts directly.
"Legitimate customer accounts were accessed by cyber criminals who had obtained the customers' valid login and password either through data breaches of other businesses, or through the use of key-loggers and/or other malware on the customers' PC," the company said in a news release.
StubHub uncovered over 1,000 accounts that were compromised in 2013, and the credit card information linked to those accounts was used to buy tickets that were then re-sold in New York and New Jersey.
Even after the company notified authorities and put security measures in place, the hackers worked around them to use new credit card information stolen from new victims — scamming StubHub out of $1 million. Eventually, officials tracked down six of the alleged thieves and indicted them as part of a cybercrime ring.
This follows news that Vendini, another ticketing service, just settled a class-action suit related to its 2013 data breach. Most of the people affected didn't know their data had been compromised until they received an email about the lawsuit settlement. Experts warn that consumers can't count on companies such as Vendini or Target to notify them of breaches and should closely monitor and protect their personal information and accounts.