The target: Saks Fifth Avenue and Lord & Taylor, high-end department stores.
The take: 5 million credit and debit card account numbers.
The attack vector: Attackers appear to have gained complete access to the breached department stores’ networks, and installed card-scraping malware on point-of-sale terminals at all 51 Lord & Taylor and 83 Saks Fifth Avenue locations. The compromise appears to have initiated in May of 2017 and was discovered and remediated one year later.