Thanksgiving and Black Friday are important days for retailers and consumers alike, but they’re also key dates for cybercriminals.
During these periods, the explosion of online shopping, and the rise of transaction volumes make them a prime target for cyberattacks. In this blog we look back at 5 of the major holiday attacks from years gone by and the fallout from them.
1. Macy’s Magecart Attack (2019)
In November 2019, Macy’s became a victim of a Magecart attack just before Black Friday. Hackers injected malicious code into the company’s online payment system, allowing them to skim customers’ credit card information directly from the checkout page.
The stolen data included credit card numbers, expiration dates, and verification codes, all captured during the purchasing process. Although Macy’s did not disclose the exact number of victims, it is estimated that thousands of customers were affected.
This breach resulted in significant damage to the company’s reputation, forcing Macy’s to notify affected customers and offer identity protection services at the height of the shopping season.
2. Target Data Breach (2013)
One of the most infamous Black Friday-related cyberattacks was the Target data breach, which began over the Thanksgiving weekend in 2013. Hackers infiltrated Target’s network by using stolen credentials from a third-party vendor, installing malware on the retailer’s point-of-sale (POS) systems.
This breach allowed attackers to steal 40 million credit and debit card records and 70 million additional personal records, such as customer names, addresses, and phone numbers.
The financial cost of this attack was immense, with Target settling for $18.5 million across multiple states. Over 110 million individuals were affected, making it one of the largest breaches in retail history.
3. San Francisco MUNI Ransomware (2016)
In 2016, the San Francisco Municipal Transportation Agency (MUNI) was struck by a ransomware attack during the Thanksgiving weekend.
The ransomware, known as Mamba, encrypted over 2,000 of MUNI’s systems, including its ticketing machines, which led to passengers riding for free as the agency couldn’t process fare payments.
The attackers demanded 100 Bitcoin (approximately $73,000 at the time) to decrypt the data, but MUNI refused to pay the ransom. Though no sensitive customer data was compromised, the attack severely disrupted service for over 700,000 daily passengers, resulting in significant recovery costs.
4. PlayStation Network DDoS Attack (2015)
On Black Friday in 2015, Sony’s PlayStation Network (PSN) experienced a major outage, with Lizard Squad claiming responsibility.
The attack led to significant disruptions across both the U.S. and Europe, affecting account sign-ins, online multiplayer, and new console registrations.
Many users initially believed the outage was due to the surge of Black Friday traffic, but later that day, a Twitter user, @chippyshell, who claimed to be the founder of Lizard Squad, tweeted “PSN #OFFLINE #CHIPPY #LIZARDSQUAD.”
This tweet was retweeted by Lizard Squad’s official account, boosting visibility for the group.
5. Neiman Marcus Data Breach (2013)
In 2013, around the same time as the Target breach, luxury retailer Neiman Marcus was also hacked.
Like Target, Neiman Marcus had malware installed on its POS systems, which harvested payment card data from customers who shopped during the Black Friday period.
In total, about 350,000 payment cards were compromised, with 9,200 of those cards being used fraudulently. The breach cost Neiman Marcus significant legal and recovery expenses, emphasizing the vulnerability of retailers during the holiday shopping season.
Summary of the Top 5 Cyberattacks
Below is a summary table of these cyberattacks, detailing the type of attack, the number of victims involved, and the resulting damages or costs.
Each attack had its own set of consequences, ranging from financial loss and stolen customer data to widespread service disruptions.
Protect Your Business with BlackFog
As these attacks show, the holiday season can be a prime time for cybercriminals to strike, targeting both businesses and consumers alike.
Don’t let your company be the next victim of a costly breach. BlackFog’s advanced anti data exfiltration (ADX) technology actively prevents data theft and ransomware by stopping cybercriminals before they can execute their attacks.
Whether it’s ransomware, phishing, or insider threats, BlackFog continuously monitors for threats, ensuring your sensitive information remains secure.
Request a demo of BlackFog’s solution and take the first step toward safeguarding your business this holiday season.
Related Posts
Ransomware Containment: Effective Strategies to Protect Your Business
Discover effective ransomware containment strategies for your business. This guide discusses network segmentation, zero trust, and practical best practices for IT managers and cybersecurity professionals to reduce ransomware damage.
Ransomware Meets Retail: Sainsbury’s, Starbucks and Morrisons Feel the Heat from Blue Yonder Attack
The Blue Yonder ransomware attack disrupted major retailers like Sainsbury’s, Starbucks, and Morrisons, highlighting the vulnerabilities of global supply chains and the urgent need for stronger cybersecurity defenses.
Top 5 Cyberattacks During Black Friday and Thanksgiving
Find out about the top five biggest cyberattacks for Black Friday and Thanksgiving, from data breaches and ransomware, to see the risks businesses experience during the holidays.
Healthcare Ransomware Attacks: How to Prevent and Respond Effectively
Learn how to protect yourself from healthcare ransomware attacks. We discuss the main security weaknesses, suggest security steps, and offer possible means of protecting patient information.
Everything That You Need to Know About the Dark Web and Cybercrime
Learn about the dark web, including who uses it, how it operates, and what tools cybercriminals obtain on it. Find out how BlackFog monitors networks, forums, and ransomware leak sites in order to stay ahead of new threats.
Ongoing: New Ransomware Gangs in 2024
Ransomware gangs continue to break records and BlackFog will track all new ransomware gangs in 2024.