Nuspire's analysis of data from retailers shows a significant increase in malware alerts and various hacking methods targeting retail businesses in 2014, illustrating a trend in malware-based attacks. High-profile breaches included those at Home Depot and Sally Beauty, compromising millions of credit card details. The report warns that stolen data is often laundered through black markets, emphasizing the need for robust security measures for geographically distributed networks.

1. APPLICATION
EXPLOITS
AUTHENTICATION
ACCESS/AUTHORIZATION 2%
2%
Nuspire crunched data for retailers
in its customer base over a 6 month
period and found that Tickets generat-
ed from Security Information Event
Management (SIEM) systems have
seen a huge increase in the amount of
maleware alerts over the last two
years.
This shows that hackers are attacking
retailers with different variants of
maleware in hopes that one will stick
and gain access to valuable data.
2014 saw a trend in most retail hacks
being maleware based.
Breach
Hacker steals
Credit Card Data
Gift Cards
Buyer purchases
Retailer Gift Cards
using stolen Credit
Online Auction
Buyer uses Gift Cards to
purchase items then sell
online through eBay or
other sites
Web Buyer
Purchases valid
credit card numbers
using Bit Coins
Deep Web
Distributor sells cards
online through Black
Market on “Deep Web”
Reshipped
Shipper takes original
delivery of item and
re-ships to online
auction buyer
Distributor
Hacker sells cards
in bulk to distributor
101011001010100100100101001010010010101
101010010001101001010010100100101010010
010011101011010011101010101001001000101
101000110101010010101001001010010010101
101011001010100100100101001010010010101
101010010001101001010010100100101010010
010011101011010011101010101001001000101
101000110101010010101001001010010010101
101011001010100100100101001010010010101
101010010001101001010010100100101010010
010011101011010011101010101001001000101
101000110101010010101001001010010010101
101011001010100100100101001010010010101
101010010001101001010010100100101010010
010011101011010011101010101001001000101
101000110101010010101001001010010010101
OF THE
y
e
a
r
2014
RETAIL
DATA BREACH
20 Oct. 2014
Staples
Breach Public
10 Oct. 2014
Kmart
Breach Public
02 Sep. 2014
Home Depot
Breach Public
14 Aug. 2014
Jewel - Osco
Breach Public
14 Aug. 2014
Supervalu
Breach Public
21 Jul. 2014
Goodwill
Breach Public
06 Jun. 2014
P.F. Chang
Breach Public
03 Mar. 2014
Sally Beauty
Breach Public
25 Jan. 2014
Michaels Stores
Breach Public
10 Jan. 2014
Neiman Marcus
Breach Public
05 Dec. 2014
bebe stores
Breach Public
Payment information for
56 million credit cards was
compromised in a security
breach at Home Depot
which took place between
April and September of
2014
Although official numbers
on the Sally Beauty breach
are still being investigated,
on March 2, a fresh batch
of 282,000 stolen credit
and debit cards went on
sale in a popular under-
ground crime store,
On Tuesday, June 10, the
U.S. Secret Service alerted
P.F. Chang's to a possible
security compromise in-
volving credit and debit
card data stolen from cer-
tain P.F. Chang's China
Bistro restaurants. 33
restaurants were involved
bebe says its investigation
suggests the attack was on
data from payment cards
swiped in stores between
Nov. 8 and Nov. 26. The
data may have included
cardholder names, ac-
count numbers, expiration
dates, and verification
1.5%
1.6%
4.7%
9.6%
2014 Percentage of Records Stolen*
Banking/Credit
Financial
Government/Military
Medical/Healthcare
Educational
Incidents of Business/Retail hacking
since 2007 has grown by
AFTER CREDIT DATA IS STOLEN
IT CAN BE LAUNDERED IN MANY
WAYS THROUGH BLACK MARKETS
ON THE
2014 BREACH CATEGORIES
IS YOUR DATA SAFE WHERE YOU SHOP?
DEEP WEB
11.7%
26.1%
13%
7.5%
14.3%
9.3%
Insider
Theft
Hacking
Data on
the Move
Accidental
Exposure
3rd Party
Contractor
Employee
Negligence
IF YOU NEED TO PROTECT GEOGRAPHICALLY
DISPERSED AND DISTRIBUTED NETWORKS
SUCH AS RETAIL, FRANCHISE AND BRANCH OFFICES
FROM TODAY’S THREAT LANDSCAPE, NUSPIRE CAN HELP