Sears: No Indication of Breach
Mar. 3, 2014
While Bitcoin garnered all the headlines last week, Friday saw a development in the previous “big story” in the payments world. After the massive security breach at Target, the FBI circulated a report to retailers in January warning that up to 20 other undiscovered or undisclosed breaches were underway. On Friday, rumors that Sears may be the latest were flatly denied by the company. Chicago-based Sears issued a statement on Friday that said while an internal investigation of its security systems is in progress, “we have found no information based on our review of our systems to date indicating a breach.”
Published reports on Friday suggested the U.S. Secret Service and Verizon Communication’s digital forensics unit were investigating the possible breach, but both organizations declined to comment.
Noted security blogger Brian Krebs indicated a flaw in the investigative process that manifests itself in the wake of large security breaches like Target and Neiman Marcus could be responsible for the attention Sears is receiving. Krebs spoke to a security expert who said a common—and usually very effective—technique for analyzing fraud patterns on compromised cards results in a high rate of false positives in the 60-to-90 day period following major breaches.
Separately, earnings at Target slumped in the fourth quarter and the company said the breach was a major culprit. Revenue for the quarter fell 5.3 percent, translating into a 43 percent dip in net income.