Big Blue Nation goes crazy for British cereal Weetabix

With retail cyberattacks on the rise, customers find orders blocked and shelves empty

Yahoo

34 minutes ago

Yahoo

With retail cyberattacks on the rise, customers find orders blocked and shelves empty

NEW YORK (AP) — A string of recent cyberattacks and data breaches involving the systems of major retailers have started affecting shoppers. United Natural Foods, a wholesale distributor that supplies Whole Foods and other grocers, said this week that a breach of its systems was disrupting its ability to fulfill orders — leaving many stores without certain items. In the U.K., consumers could not order from the website of Marks & Spencer for more than six weeks — and found fewer in-store options after hackers targeted the British clothing, home goods and food retailer. A cyberattack on Co-op, a U.K. grocery chain, also led to empty shelves in some stores. Cyberattacks have been on the rise across industries. But infiltrations of corporate technology carry their own set of implications when the target is a consumer-facing business. Beyond potentially halting sales of physical goods, breaches can expose customers' personal data to future phishing or fraud attempts. Here's what you need to know. Cyberattacks are on the rise overall Despite ongoing efforts from organizations to boost their cybersecurity defenses, experts note that cyberattacks continue to increase across the board. In the past year, there's also been an 'uptick in the retail victims" of such attacks, said Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, a U.S. nonprofit. 'Cyber criminals are moving a little quicker than we are in terms of securing our systems," he said. Ransomware attacks — in which hackers demand a hefty payment to restore hacked systems — account for a growing share of cyber crimes, experts note. And of course, retail isn't the only affected sector. Tracking by NCC Group, a global cybersecurity and software escrow firm, showed that industrial businesses were most often targeted for ransomware attacks in April, followed by companies in the 'consumer discretionary' sector. Attackers know there's a particular impact when going after well-known brands and products that shoppers buy or need every day, experts note. 'Creating that chaos and that panic with consumers puts pressure on the retailer,' Steinhauer said, especially if there's a ransom demand involved. Ade Clewlow, an associate director and senior adviser at the NCC Group, points specifically to food supply chain disruptions. Following the cyberattacks targeting M&S and Co-op, for example, supermarkets in remote areas of the U.K., where inventory already was strained, saw product shortages. 'People were literally going without the basics,' Clewlow said. Personal data is also at risk Along with impacting business operations, cyber breaches may compromise customer data. The information can range from names and email addresses, to more sensitive data like credit card numbers, depending on the scope of the breach. Consumers therefore need to stay alert, according to experts. 'If (consumers have) given their personal information to these retailers, then they just have to be on their guard. Not just immediately, but really going forward," Clewlow said, noting that recipients of the data may try to commit fraud 'downstream.' Fraudsters might send look-alike emails asking a retailer's account holders to change their passwords or promising fake promotions to get customers to click on a sketchy link. A good rule of thumb is to pause before opening anything and to visit the company's recognized website or call an official customer service hotline to verify the email, experts say. It's also best not to reuse the same passwords across multiple websites — because if one platform is breached, that login information could be used to get into other accounts, through a tactic known as 'credential stuffing.' Steinhauer adds that using multifactor authentication, when available, and freezing your credit are also useful for added lines of defense. Which companies have reported recent cybersecurity incidents? A range of consumer-facing companies have reported cybersecurity incidents recently — including breaches that have caused some businesses to halt operations. United Natural Foods, a major distributor for Whole Foods and other grocers across North America, took some of its systems offline after discovering 'unauthorized activity' on June 5. In a securities filing, the company said the incident had impacted its 'ability to fulfill and distribute customer orders." United Natural Foods said in a Wednesday update that it was 'working steadily' to gradually restore the services. Still, that's meant leaner supplies of certain items this week. A Whole Foods spokesperson told The Associated Press via email that it was working to restock shelves as soon as possible. The Amazon-owned grocer's partnership with United Natural Foods currently runs through May 2032. Meanwhile, a security breach detected by Victoria's Secret last month led the popular lingerie seller to shut down its U.S. shopping site for nearly four days, as well as to halt some in-store services. Victoria's Secret later disclosed that its corporate systems also were affected, too, causing the company to delay the release of its first quarter earnings. Several British retailers — M&S, Harrods and Co-op — have all pointed to impacts of recent cyberattacks. The attack targeting M&S, which was first reported around Easter weekend, stopped it from processing online orders and also emptied some store shelves. The company estimated last month that the it would incur costs of 300 million pounds ($400 million) from the attack. But progress towards recovery was shared Tuesday, when M&S announced that some of its online order operations were back — with more set to be added in the coming weeks. Other breaches exposed customer data, with brands like Adidas, The North Face and reportedly Cartier all disclosing that some contact information was compromised recently. In a statement, The North Face said it discovered a 'small-scale credential stuffing attack' on its website in April. The company reported that no credit card data was compromised and said the incident, which impacted 1,500 consumers, was 'quickly contained.' Meanwhile, Adidas disclosed last month that an 'unauthorized external party' obtained some data, which was mostly contact information, through a third-party customer service provider. Whether or not the incidents are connected is unknown. Experts like Steinhauer note that hackers sometimes target a piece of software used by many different companies and organizations. But the range of tactics used could indicate the involvement of different groups. Companies' language around cyberattacks and security breaches also varies — and may depend on what they know when. But many don't immediately or publicly specify whether ransomware was involved. Still, Steinhauer says the likelihood of ransomware attacks is 'pretty high' in today's cybersecurity landscape — and key indicators can include businesses taking their systems offline or delaying financial reporting. Overall, experts say it's important to build up 'cyber hygiene" defenses and preparations across organizations. 'Cyber is a business risk, and it needs to be treated that way," Clewlow said.

With retail cyberattacks on the rise, customers find orders blocked and and empty shelves

Yahoo

34 minutes ago

Yahoo

With retail cyberattacks on the rise, customers find orders blocked and and empty shelves

NEW YORK (AP) — A string of recent cyberattacks and data breaches involving the systems of major retailers have started affecting shoppers. United Natural Foods, a wholesale distributor that supplies Whole Foods and other grocers, said this week that a breach of its systems was disrupting its ability to fulfill orders — leaving many stores without certain items. In the U.K., consumers could not order from the website of Marks & Spencer for more than six weeks — and found fewer in-store options after hackers targeted the British clothing, home goods and food retailer. A cyberattack on Co-op, a U.K. grocery chain, also led to empty shelves in some stores. Cyberattacks have been on the rise across industries. But infiltrations of corporate technology carry their own set of implications when the target is a consumer-facing business. Beyond potentially halting sales of physical goods, breaches can expose customers' personal data to future phishing or fraud attempts. Here's what you need to know. Cyberattacks are on the rise overall Despite ongoing efforts from organizations to boost their cybersecurity defenses, experts note that cyberattacks continue to increase across the board. In the past year, there's also been an 'uptick in the retail victims" of such attacks, said Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, a U.S. nonprofit. 'Cyber criminals are moving a little quicker than we are in terms of securing our systems," he said. Ransomware attacks — in which hackers demand a hefty payment to restore hacked systems — account for a growing share of cyber crimes, experts note. And of course, retail isn't the only affected sector. Tracking by NCC Group, a global cybersecurity and software escrow firm, showed that industrial businesses were most often targeted for ransomware attacks in April, followed by companies in the 'consumer discretionary' sector. Attackers know there's a particular impact when going after well-known brands and products that shoppers buy or need every day, experts note. 'Creating that chaos and that panic with consumers puts pressure on the retailer,' Steinhauer said, especially if there's a ransom demand involved. Ade Clewlow, an associate director and senior adviser at the NCC Group, points specifically to food supply chain disruptions. Following the cyberattacks targeting M&S and Co-op, for example, supermarkets in remote areas of the U.K., where inventory already was strained, saw product shortages. 'People were literally going without the basics,' Clewlow said. Personal data is also at risk Along with impacting business operations, cyber breaches may compromise customer data. The information can range from names and email addresses, to more sensitive data like credit card numbers, depending on the scope of the breach. Consumers therefore need to stay alert, according to experts. 'If (consumers have) given their personal information to these retailers, then they just have to be on their guard. Not just immediately, but really going forward," Clewlow said, noting that recipients of the data may try to commit fraud 'downstream.' Fraudsters might send look-alike emails asking a retailer's account holders to change their passwords or promising fake promotions to get customers to click on a sketchy link. A good rule of thumb is to pause before opening anything and to visit the company's recognized website or call an official customer service hotline to verify the email, experts say. It's also best not to reuse the same passwords across multiple websites — because if one platform is breached, that login information could be used to get into other accounts, through a tactic known as 'credential stuffing.' Steinhauer adds that using multifactor authentication, when available, and freezing your credit are also useful for added lines of defense. Which companies have reported recent cybersecurity incidents? A range of consumer-facing companies have reported cybersecurity incidents recently — including breaches that have caused some businesses to halt operations. United Natural Foods, a major distributor for Whole Foods and other grocers across North America, took some of its systems offline after discovering 'unauthorized activity' on June 5. In a securities filing, the company said the incident had impacted its 'ability to fulfill and distribute customer orders." United Natural Foods said in a Wednesday update that it was 'working steadily' to gradually restore the services. Still, that's meant leaner supplies of certain items this week. A Whole Foods spokesperson told The Associated Press via email that it was working to restock shelves as soon as possible. The Amazon-owned grocer's partnership with United Natural Foods currently runs through May 2032. Meanwhile, a security breach detected by Victoria's Secret last month led the popular lingerie seller to shut down its U.S. shopping site for nearly four days, as well as to halt some in-store services. Victoria's Secret later disclosed that its corporate systems also were affected, too, causing the company to delay the release of its first quarter earnings. Several British retailers — M&S, Harrods and Co-op — have all pointed to impacts of recent cyberattacks. The attack targeting M&S, which was first reported around Easter weekend, stopped it from processing online orders and also emptied some store shelves. The company estimated last month that the it would incur costs of 300 million pounds ($400 million) from the attack. But progress towards recovery was shared Tuesday, when M&S announced that some of its online order operations were back — with more set to be added in the coming weeks. Other breaches exposed customer data, with brands like Adidas, The North Face and reportedly Cartier all disclosing that some contact information was compromised recently. In a statement, The North Face said it discovered a 'small-scale credential stuffing attack' on its website in April. The company reported that no credit card data was compromised and said the incident, which impacted 1,500 consumers, was 'quickly contained.' Meanwhile, Adidas disclosed last month that an 'unauthorized external party' obtained some data, which was mostly contact information, through a third-party customer service provider. Whether or not the incidents are connected is unknown. Experts like Steinhauer note that hackers sometimes target a piece of software used by many different companies and organizations. But the range of tactics used could indicate the involvement of different groups. Companies' language around cyberattacks and security breaches also varies — and may depend on what they know when. But many don't immediately or publicly specify whether ransomware was involved. Still, Steinhauer says the likelihood of ransomware attacks is 'pretty high' in today's cybersecurity landscape — and key indicators can include businesses taking their systems offline or delaying financial reporting. Overall, experts say it's important to build up 'cyber hygiene" defenses and preparations across organizations. 'Cyber is a business risk, and it needs to be treated that way," Clewlow said.

Club World Cup: Jack Grealish left out of Man City squad

San Francisco Chronicle

an hour ago

San Francisco Chronicle

Club World Cup: Jack Grealish left out of Man City squad

MIAMI (AP) — Jack Grealish has been left out of Manchester City's squad for the Club World Cup. City manager Pep Guardiola named a 27-man squad for the tournament, which kicks off in Miami on Saturday, with Grealish a notable omission. The England forward was a British record signing when he moved to City from Aston Villa for 100 million pounds ($139 million then) in 2021 and went on to help the club win three Premier League titles, the Champions League and a host of other trophies. But he has become an increasingly peripheral figure and made only seven league starts last season. The 29-year-old Grealish's absence from the Club World Cup will add to the growing expectation that he will leave during the offseason, with Guardiola embarking on a squad rebuild following the team's first trophyless season in eight years. City's squad includes four new players signed in time to take part in the month-long tournament in the United States: Rayan Cherki, Tijjani Reijnders, Rayan Ait-Nouri and Marcus Bettinelli. In January, City also spent big to sign Omar Marmoush, Abdukodir Khusanov and Vitor Reis as Guardiola began his overhaul of a squad that saw its dominance of English soccer broken by Liverpool last season. If Grealish goes, he is likely to be one of a number of players to move on. Kevin De Bruyne is leaving at the end of his contract this month and Kyle Walker is also likely to go after a loan move to AC Milan in January; as expected, neither player was in the squad. City's first match at the 32-team tournament is against Wydad Casablanca next Wednesday in Philadelphia. The other teams in the group are Juventus and Abu Dhabi's Al Ain. ___ James Robson is at ___

Big Blue Nation goes crazy for British cereal Weetabix

Hashtags

Try Our AI Features

Comments

Related Articles

With retail cyberattacks on the rise, customers find orders blocked and shelves empty

With retail cyberattacks on the rise, customers find orders blocked and and empty shelves

Club World Cup: Jack Grealish left out of Man City squad

Big Blue Nation goes crazy for British cereal Weetabix

Hashtags

Try Our AI Features

Comments

Related Articles

With retail cyberattacks on the rise, customers find orders blocked and shelves empty

With retail cyberattacks on the rise, customers find orders blocked and and empty shelves

Club World Cup: Jack Grealish left out of Man City squad

Get Started Now: Download the App