The reward schemes of at least 10 leading retailers have been compromised by hackers, with numerous fraudulent loyalty point accounts available on the dark web in exchange for Bitcoin, according to security experts. Hackers appear to have obtained the information through a variety of means, including exploiting vulnerabilities in retailers’ platforms, targeting individuals, and compiling information from third-party sites. Those accounts are then being fraudulently used to redeem a variety of free items, according to cyber security firm CyberInt, which collects and analyses data from multiple online sources. CyberInt recently revealed that the pub chain JD Wetherspoon had been hacked, leading to more than 650,000 customer email addresses, phone numbers and dates of birth having been stolen. These details were also for sale on the dark web. The company would not identify all retailers, but it has named a leading UK supermarket and the sandwich chain Subway customers as among the targets.
View full story
ORIGINAL SOURCE: The Register