trending Market Intelligence /marketintelligence/en/news-insights/trending/paqtxwzt5zhuqx9hjatjgq2 content esgSubNav
In This List

Stein Mart reports data breach involving credit card data

Blog

Insight Weekly: Banks brace for recession; Europe PE deal values soar; US solar imports rebound

Video

According to Market Intelligence, December 2022

Blog

Insight Weekly: Layoffs swell; energy efficiency PE deals defy downturn; 2023 global risk themes

Blog

Insight Weekly: Energy crisis cripples Europe; i-bank incomes rise; US holiday sales outlook


Stein Mart reports data breach involving credit card data

Jacksonville, Fla.-based apparel retailer Stein Mart Inc. disclosed a data breach that may have compromised customer data, including names, addresses, email addresses and credit card information.

In an email sent by Stein Mart, the company urged customers who placed or attempted to place orders on its website May 19, June 1, June 5, July 8 and July 9 to check their payment card statements for unauthorized charges.

Stein Mart's third-party vendor, Annex Cloud, warned the retailer of the potential time periods when data entered by customers during the checkout process could have been captured, according to a copy of the letter posted on Twitter by ZDNet Security News Editor Catalin Cimpanu.

Annex Cloud provides a service that allows users to log into e-commerce websites using their accounts from other platforms, such as Facebook Inc. or Amazon.com Inc.

Stein Mart said Annex Cloud informed the company about an unauthorized code added to Annex Cloud's code that it uses to enable logins. The technology company removed the unauthorized code July 9.

The company advised customers to report unauthorized charges to their bank, adding that it has already removed the Annex Cloud login feature from its website while an investigation is ongoing.

Meanwhile, within an hour after posting the Stein Mart data breach, Cimpanu posted another email from sportswear retailer Title 9 Sports Inc., another client of Annex Cloud, warning of a similar security breach.