Latest news with #paymentsystem
Daily Mail
2 days ago
- Business
- Daily Mail
H&M systems are down in the UK
By Customers at H&M stores across the UK have been unable to purchase products for several hours today, following an apparent failure in the company's payments system. A worker at one store in London told MailOnline that their location had been unable sell items for around two hours. It is not currently known if online customers have been affected by the issue, and the cause of the outage has not yet been revealed. A spokesperson for H&M told MailOnline: 'We are aware of the problem and are looking into resolving it as quickly as possible. 'We apologise to our customers for the inconvenience.' The incident comes after British retail institutions like M&S and Co-op were hit with severe cyber attacks that crippled them. In late April, Co-op was forced to shut down parts of its IT systems after hackers tried to illegally access them, and that it only had a 'small impact' on its operations. The firm later admitted that despite this, hackers 'accessed data relating to a significant number of our current and past members. Meanwhile, M&S stores up and down the country were left with empty shelves after it faced an Easter weekend cyber attack. The company admitted that personal information of customers, which could include telephone numbers, home addresses and dates of birth, were taken. M&S said that the data thieves did not take usable payment or card information from their servers. Luxury jewelry firm Cartier and outdoor retailer The North Face then became the latest retailers to report customer data being stolen in cyber attacks . Watchmaker Cartier told customers in an email that 'an unauthorised party gained temporary access' to its system and 'obtained limited client information'. The firm - whose items have been worn by Taylor Swift , Angelina Jolie and Michelle Obama - revealed names, email addresses and countries had been obtained. But Cartier, which is owned by Swiss-based Richemont, said the 'affected information did not include any passwords, credit card details or other banking information'. The company said it further enhanced the protection of its systems and data, told the relevant authorities and was working with 'leading external cyber security experts'. Separately, fashion brand The North Face, owned by VF Corporation, emailed some of its customers to tell them it discovered a 'small scale' attack in April this year. The brand said names and email addresses were taken, but financial details were not - with the company revealing hackers used 'credential stuffing', reported BBC News. This involves trying usernames and passwords stolen from another data breach in the hope customers have reused the credentials across multiple accounts. North Face said attackers may have got hold of some customers' postal addresses and purchase histories. A North Face spokeswoman told MailOnline: 'The cyber incident you are referring to is a small-scale cyber incident occurred on April 23, 2025, affecting our The North Face e-commerce website in the US only. 'The incident was contained very quickly on the same day it occurred. There was no impact on our systems and/or our consumer data in Europe whatsoever, including in the UK.' Cyber security expert Julius Cerniauskas, chief executive of web intelligence firm Oxylabs, told MailOnline that the latest breaches 'send a clear message that no brand is safe from cybercrime, not even the biggest names with the deepest pockets'. He added: 'Attackers are becoming more opportunistic and sophisticated, targeting brands that hold valuable customer data, not just credit card numbers. 'In the case of The North Face, credential stuffing shows how recycled passwords from past breaches continue to fuel new attacks. 'Cartier's incident demonstrates how even well-defended systems can be compromised. Whether it's luxury retail or everyday consumer brands, hackers are finding weak spots and exploiting them fast.' Mr Cerniauskas urged retailers to 'respond with more than apologies', encouraging them to enforce multi-factor authentication, tighten access controls and constantly monitor for threats. Speaking further about 'credential stuffing', Joe Jones, chief executive and founder of Pistachio, a cybersecurity attack simulation company, said consumers reusing passwords across multiple sites were a 'sitting duck' for breaches of this type. He told MailOnline: 'Credential stuffing, the method used here, only works because people reuse the same login details. 'If you've been caught in this breach, change your passwords immediately - especially if they match accounts like email or banking. 'Enable app-based two-factor authentication, not SMS, and remain hyper alert to scam emails, texts or even fake calls.'
Daily Mail
3 days ago
- Business
- Daily Mail
BREAKING NEWS H&M systems are DOWN: Company battles to resolve 'problems with payments'
Customers at H&M stores across the UK have been unable to purchase any products for several hours today, following an apparent failure in the company's payments system. A worker at one store in London told MailOnline that their location had been unable sell any items for around two hours. It is not currently known if online customers have been affected by the issue, and the cause of the outage has not yet been revealed. A spokesperson for H&M told MailOnline: 'We are aware of the problem and are looking into resolving it as quickly as possible. We apologise to our customers for the inconvenience.' The incident comes after British retail institutions like M&S and Co-op were hit with severe cyber attacks that crippled them. In late April, Co-op was forced to shut down parts of its IT systems after hackers tried to illegally access them, and that it only had a 'small impact' on its operations The firm later admitted that despite this, hackers 'accessed data relating to a significant number of our current and past members. Meanwhile, M&S stores up and down the country were left with empty shelves after it faced an Easter weekend cyber attack. The company admitted that personal information of customers, which could include telephone numbers, home addresses and dates of birth, were taken. M&S said that the data thieves did not take usable payment or card information from their servers. Luxury jewellery firm Cartier and outdoor retailer The North Face yesterday became the latest retailers to report customer data being stolen in cyber attacks. What is 'credential stuffing' and how can you protect yourself against it online? The North Face confirmed hackers used the 'credential stuffing' method during a cyber attack on the company. This is where criminals take advantage of people who use the same username and password on multiple accounts. If one set of credentials is stolen during a hack, the attackers may then try using those details again in a new attack - with the hope customers have reused them on different accounts. By fraudulently gaining valid credentials on one site, and using them successfully on other sites, an attacker can then access more accounts. The primary motivation is financial, but it can also lead to identity theft. Anyone caught up in such an attack is urged to change their passwords immediately - especially if they match vital accounts like email or banking. They should be on alert for scam emails, texts or even fake calls. Experts also advise people to avoid using the same password on different sites, to become better protected. Watchmaker Cartier told customers in an email that 'an unauthorised party gained temporary access' to its system and 'obtained limited client information'. The firm - whose items have been worn by Taylor Swift, Angelina Jolie and Michelle Obama - revealed names, email addresses and countries had been obtained. But Cartier, which is owned by Swiss-based Richemont, said the 'affected information did not include any passwords, credit card details or other banking information'. The company said it further enhanced the protection of its systems and data, told the relevant authorities and was working with 'leading external cyber security experts'. Separately, fashion brand The North Face, owned by VF Corporation, emailed some of its customers to tell them it discovered a 'small scale' attack in April this year. The brand said names and email addresses were taken, but financial details were not - with the company revealing hackers used 'credential stuffing', reported BBC News. This involves trying usernames and passwords stolen from another data breach in the hope customers have reused the credentials across multiple accounts. North Face said attackers may have got hold of some customers' postal addresses and purchase histories. A North Face spokeswoman told MailOnline: 'The cyber incident you are referring to is a small-scale cyber incident occurred on April 23, 2025, affecting our The North Face e-commerce website in the US only. 'The incident was contained very quickly on the same day it occurred. There was no impact on our systems and/or our consumer data in Europe whatsoever, including in the UK.' Cyber security expert Julius Cerniauskas, chief executive of web intelligence firm Oxylabs, told MailOnline that the latest breaches 'send a clear message that no brand is safe from cybercrime, not even the biggest names with the deepest pockets'. He added: 'Attackers are becoming more opportunistic and sophisticated, targeting brands that hold valuable customer data, not just credit card numbers. 'In the case of The North Face, credential stuffing shows how recycled passwords from past breaches continue to fuel new attacks. 'Cartier's incident demonstrates how even well-defended systems can be compromised. Whether it's luxury retail or everyday consumer brands, hackers are finding weak spots and exploiting them fast.' Mr Cerniauskas urged retailers to 'respond with more than apologies', encouraging them to enforce multi-factor authentication, tighten access controls and constantly monitor for threats. Speaking further about 'credential stuffing', Joe Jones, chief executive and founder of Pistachio, a cybersecurity attack simulation company, said consumers reusing passwords across multiple sites were a 'sitting duck' for breaches of this type. He told MailOnline: 'Credential stuffing, the method used here, only works because people reuse the same login details. 'If you've been caught in this breach, change your passwords immediately - especially if they match accounts like email or banking. 'Enable app-based two-factor authentication, not SMS, and remain hyper alert to scam emails, texts or even fake calls.' Mr Jones added: 'Hackers don't need your card details to do damage. With access to your name, email and order history, they can craft realistic phishing attempts that look and sound legitimate. This is how trust is weaponised.' Separately, lingerie retailer Victoria's Secret confirmed that a security incident relating to its information technology systems led it to temporarily shut down its website for a few days last week. The company said it shut down corporate systems and e-commerce website on May 26 and immediately enacted response protocols to contain and prevent unauthorised network access. Its website was restored on May 29. Victoria's Secret said the breach did not impact its financial results for the first quarter or cause a material disruption to its operations, but the second quarter could be hit by the additional expenses incurred following the incident. Meanwhile Marks and Spencer has faced heavy disruption since the Easter weekend after being struck by a major cyber attack which is expected to cost it about £300million in reduced profits. M&S, which runs 565 stores across the UK, halted orders on its website and saw empty shelves after being targeted by hackers. Customer personal data, which could have included names, email addresses, postal addresses and dates of birth, was also taken by hackers in the attack. M&S is still unable to process any online orders, although it is understood the retailer is hoping to partly restore this within two to three weeks. The firm is also now holding in-store recruitment open days to fill vacant positions at some stores in England because its online portal cannot take applications, reported The Grocer. An M&S branch in Peterborogh said in a social media post: 'There is no need to book - just turn up in between the timeframe and head to the top floor till points to get signed in and then a member of staff will help you.' Another store in Bristol asked potential applicants to drop off their CV in person for one of the 'part-time and full-time vacancies available in our food department'.
CNA
3 days ago
- Business
- CNA
Japan must pursue payment innovation as society becomes cash-less, BOJ official says
TOKYO :Japan currently has no plan to issue a central bank digital currency (CBDC) but must continue innovating its payment and settlement system in an increasingly cash-less society, a senior central bank official said on Wednesday. Although banknote issuance remains high in Japan, usage of notes could fall significantly in the future amid rapid digitalisation, said Bank of Japan (BOJ) Executive Director Kazushige Kamiyama. "As such, Japan must consider what steps it can take now to ensure its retail settlement system is convenient, efficient, accessible universally, while being safe and resilient," he said in a speech. While the BOJ currently has no plan to issue a CBDC, it must keep up efforts to enhance the safety and efficiency of Japan's payment and settlement system, Kamiyama said in a meeting with private firms on a pilot programme for developing a digital yen. The BOJ has said no decision has been made yet on whether Japan will actually issue a CBDC, which must be made by the government and parliament. But the central bank has been conducting experiments and exchanging views with private firms on a digital yen, to be ready in case Japan decides to issue a CBDC.
Reuters
3 days ago
- Business
- Reuters
Japan must pursue payment innovation as society becomes cash-less, BOJ official says
TOKYO, June 4 (Reuters) - Japan currently has no plan to issue a central bank digital currency (CBDC) but must continue innovating its payment and settlement system in an increasingly cash-less society, a senior central bank official said on Wednesday. Although banknote issuance remains high in Japan, usage of notes could fall significantly in the future amid rapid digitalisation, said Bank of Japan (BOJ) Executive Director Kazushige Kamiyama. "As such, Japan must consider what steps it can take now to ensure its retail settlement system is convenient, efficient, accessible universally, while being safe and resilient," he said in a speech. While the BOJ currently has no plan to issue a CBDC, it must keep up efforts to enhance the safety and efficiency of Japan's payment and settlement system, Kamiyama said in a meeting with private firms on a pilot programme for developing a digital yen. The BOJ has said no decision has been made yet on whether Japan will actually issue a CBDC, which must be made by the government and parliament. But the central bank has been conducting experiments and exchanging views with private firms on a digital yen, to be ready in case Japan decides to issue a CBDC. CBDCs are back in the spotlight after U.S. President Donald Trump banned work on a digital dollar in one of his first moves after regaining power in January.
Finextra
4 days ago
- Business
- Finextra
BME showcases new FX settlement system
BME has presented today, at an event held at the Madrid Stock Exchange Palace, its new foreign exchange transaction settlement system in payment versus payment mode (FXS), which recently received approval from the Bank of Spain. 0 This new system is part of its global project to provide secure and innovative solutions to participants in the foreign exchange market (Forex). In line with this objective, BME has developed a comprehensive set of services that encompasses the entire value chain of foreign exchange operations, from trading to settlement of transactions in this market, which is the largest traded volume globally, with more than 7.5 trillion dollars executed per day. The new FXS settlement system complements these services by improving efficiency and reducing the risks of currency transaction settlement compared to bilateral settlement. The event featured the participation of Banca March, which announced its adherence to this payment system a week ago, and Bankinter, which is the first liquidity provider of this new system. In the opening speech of the event, Xavier Aguilá, General Director of BME Clearing, commented that this project arises from the demand of Spanish banking entities, given the challenges posed by the transformation that the foreign exchange markets are experiencing, driven both by technological development and the entry of new participants, as well as regulatory initiatives such as the FX Global Code. In this context, the entities have identified the need for greater automation of processes and solutions to limit the risks associated with bilateral settlement of transactions as the main difficulties in their operations. Next, José Parga, Head of BME FX, presented the services developed by BME to respond to this demand: a trading platform that includes a technological solution for the digitization of foreign exchange transaction flows in banks and financial entities, facilitating operations in both Spot currency and xRolling FX futures traded on MEFF; and the FXS settlement solution, the payment system operated by BME to eliminate principal risk in the settlement of transactions between these entities. Precisely on the challenges faced in this operation and the solutions that FXS can provide, the panel developed next, moderated by Paula Fernández, head of FXS at BME, focused. In their interventions, Sergio Jiménez, Head of FX&Stir trading at Bankinter, and Jeroni Alomar, Director of Control and Treasury at Banca March, highlighted the difficulties related to the greater need for digitization and control to mitigate the risks associated with settlement, in a clearly competitive environment with an increasing number of counterparties. On the other hand, María José García, Head of the Surveillance Unit of the Payment Systems Department at the Bank of Spain, explained the role that Central Banks play in adopting mechanisms that mitigate these risks. In fact, Sergio Jiménez pointed out that the application of these measures is proving to have other beneficial effects on operations, such as increased transparency and competitiveness, which ultimately result in more efficient price creation. Jeroni Alomar also explained how payment versus payment mechanisms, combined with net settlement, contribute to limiting operational risks and facilitate liquidity management by treasury desks. The last part of the panel focused on exploring the advantages that FXS provides as a payment system under the supervision of the Bank of Spain, in terms of compliance with the PFMI-IOSCO principles for financial market infrastructures, and in relation to the comprehensive management of risks associated with the service. Finally, both participating entities, Bankinter and Banca March, shared their experience in implementing FXS in their operations. Jeroni Alomar, for his part, emphasised the ease of integrating FXS into Banca March's back-office operations and the advantages it provides in terms of security, liquidity management, and risk elimination. For Sergio Jiménez, the adoption of BME's solutions allows Bankinter to provide greater scalability to its currency business, increasing efficiency and competitiveness with the support of a neutral entity like BME.
