New HP POS Integrates Intel Data Security Technologies

HP RP9 Retail System frontA new point-of-sale system from HP is the company's first to include key integrated peripherals enabled with Intel Data Protection Technology for Transactions (DPT for Transactions) technology. The HP RP9 Retail System, which was introduced at the NRF 2016 Big Show, provides end-to-end protection of both payment and non-payment customer data. This creates a secure transaction path that routes data directly from the point of entry to a bank's servers, encrypting sensitive information throughout the process.

"We know the safety of personal data has become a growing concern for retail customers in recent years," said Joe Jensen, VP of Intel's Retail Solutions Division in a statement. "Our Data Protection Technology implemented on the new HP RP9 retail system helps assure customers their data is safe from the moment they make a purchase and provides peace of mind for retailers who are ultimately responsible for customer information."


Speech Recognition Security Tool Redacts Payment Card Numbers In Real Time

When we think about data breaches, the mental image is of a literally silent crime: hackers surreptitiously extracting payment card or personal data from online purchases, or someone sneaking away from a store's point-of-sale with a device that has recorded the data from that day's card transactions.

It's easy to forget that many transactions are still conducted by voice — over the telephone with call center agents. In some retail verticals, as many as 20% to 30% of calls contain sensitive financial information, according to mobile advertising analytics firm Marchex. Safeguarding the sensitive information exchanged during these purchases involves deleting or masking the payment card numbers that are shared by customers.


Breach Exposes Details Of 3.3 Million Hello Kitty Users, But No Data Is Stolen

More than three million accounts associated with the Hello Kitty brand on, and were left vulnerable to data theft, according to a report from CSO Online. Sanrio, the retailer and designer that owns the Hello Kitty brand, said it has since secured the servers.

Online security researcher Chris Vickery uncovered the database vulnerability on Dec. 19, contacting CSO Salted Hash and The leaked information included users' first and last names, birthdays, genders, countries of origin, email addresses, password hashes, password hint questions and answers and other data, according to Vickery.

In a statement, Sanrio Digital said, “At this time we have no indication that any personal information was stolen.” Credit card and additional payments information was not included in the leaked data, and user passwords were encrypted.

In addition to the primary SanrioTown database, two additional backup servers containing mirrored data also were discovered. The earliest logged exposure of this data is November 22, 2015.

Vickery, who explores security vulnerabilities in his spare time and reports them to the affected companies, said the hole in the Hello Kitty site was the result of a database misconfiguration, leaving it open to public access without a password or authentication, according to Reuters.

This is the second time Sanrio has had to deal with a database leaking information. Earlier in 2015, the company investigated a database leak that exposed information on more than 6,000 shareholders.

The incident comes on the heels of the data breach of another Hong Kong-based children’s product brand, VTech. That hack exposed personal data, chat logs and photos of as many as 6.3 million people, including 200,000 children. This month, UK police arrested a 21-year-old man in connection with the VTech breach.


Children’s Photos, Chat Logs Snagged From VTech Site

The personal data of up to five million parents and more than 200,000 children was lifted from the servers of digital learning toy manufacturer VTech.

Information was swiped from the Learning Lodge app store database. Learning Lodge is a site that allows consumers to download apps, learning games, E-books and other content to their VTech toys.


Technology Is Important, But Trust Is Essential

2TrustWe talk a lot about omnichannel retail and giving today's shoppers every option when it comes to product ordering and delivery. But what is really at the heart of retail success is establishing a trusting relationship with customers. It sounds simple, but it's not.

This week I attended the Money20/20 conference in Las Vegas, where there were a lot of discussions and questions around data security and payment innovation. Are retailers implementing EMV? How can we make mobile payment work at the drive-thru? What are the steps to speeding the checkout process, both online and in the store? These are all great questions and need to be addressed, but when it comes right down to it, they all lead to Trust.


America’s Thrift Stores Reports Data Security Breach

AmericasThriftAmerica’s Thrift Stores, an organization that operates donations-based thrift stores in the Southeastern U.S., revealed in an official statement that it has been the victim of a malware-driven data security breach. The breach targeted software used by a third-party service provider.

The statement, from Kenneth Sobaski, CEO of America’s Thrift Stores, indicated the breach enabled criminals from Eastern Europe to access some payment card numbers.


In Largest Ever Tech Deal, Dell Buys EMC For $67 Billion

MichaelDellAt a time when other technology companies such as HP and eBay are making themselves smaller by spinning off divisions, Dell and EMC are combining to create a technology giant that will have estimated annual revenues of more than $80 billion. The company will sell a wide variety of both consumer and IT products including PCs, mobile technology, servers and data storage technology and virtualization software.

The $67 billion transaction, being called the largest technology deal of all time, will result in a combined company that is privately held, as Dell currently is. However, the virtualization software manufacturer VMware, in which EMC has an 81% stake, will remain as an independent publicly traded company. EMC shareholders will receive $24.05 per share in cash in addition to tracking stock linked to a portion of EMC's interest in the VMware business.


Five Practical Security And Risk Management Tips For Retailers

Kenya husband- Retail marketingAccording to a recent report, retail is among the top five industries suffering the most from data breaches, with POS intrusions accounting for one in four breaches observed last year. Not surprising given the fact that retail systems hold extremely valuable customer information, making them an attractive target for hackers.

With the recent surge in high profile data breaches, retailers are acutely aware of the need to safeguard against a possible security breach. However, the reality is that in today’s hyper-connected age, it is increasingly difficult to stay a step ahead of every security threat. It can be difficult not only to know exactly where to focus efforts for the best result, but also to justify the associated ROI. There are, however, practical steps that retailers can take to improve their security measures so they are armed with practical solutions that enable them to be better prepared and ready to act before a threat arises.


Fred’s Investigates Security Breach On Two Servers

fredsDiscount retail chain Fred’s has revealed that a hacker gained access to two servers that process payments data after credit and debit cards are swiped. The hacker placed a malware program capable of copying payment card data on both servers on March 23, according to a company regulatory filing. The program appeared to stay active on one server until April 8 and on another server until April 24.

The malware program was designed to search for and retrieve track 2 data — data from payment card magnetic stripes including the card number, expiration date and verification code. However, Fred’s did not find evidence that the track 2 data was removed from the company’s system, according to the filing. No other customer information was at risk during the breach.

Subscribe to this RSS feed