Login

Register

Login

Register


Rutter’s has become the latest US convenience store chain to suffer a breach of customer card data via Point of Sale (POS) malware.

Notified by a third party about potential unauthorized access to cards used at the firm’s locations, it launched an investigation and on January 14 discovered the malware installed on payment processing systems.

“The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date, and internal verification code) read from a payment card as it was being routed through the payment processing systems,” the firm explained in a statement.

“However, chip-enabled (EMV) POS terminals are used inside our convenience stores. EMV cards generate a unique code that is validated for each transaction, and the code cannot be reused. As a result, for EMV cards inserted into the chip-reader on the EMV POS devices in our convenience stores, only card number and expiration date (and not the cardholder name or internal verification code) were involved.”

This means that users with old magstripe cards may have had their cards cloned for use in face-to-face fraud. On the EMV side, most e-commerce providers ask for a CV2 number and the name of the cardholder, so these customers would seem to be more insulated from follow-on fraud.

However, the number of cards affected in this breach could be huge. Over 70 outlets in Pennsylvania and West Virginia were affected and the malware is said to have been active October 1 2018 to May 29 2019. However, access to card data began as early as August 30 2018 for one outlet and September 20 2018 for nine more.

The news comes just weeks after convenience store chain Wawa notified customers of a similar breach. One dark web marketplace claimed last month that as many as 31 million cards may have been stolen in the raid, and are being uploaded to the site by the hackers.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW