Malware

A trio of retailers disclosed payment card incidents this week resulting in data breaches. Bad actors are infecting point-of-sale (POS) terminals with malware. The malware captures payment card information before it enters the transaction processing system. POS Malware: Wawa Convenience and Fuel Retailer Retail chain Wawa disclosed that it had discovered malware on its payment processing servers earlier this month. An external forensics team determined that the malware began running at different points in time about 9 months earlier. “I apologize deeply to all of you, our friends and neighbors, for this incident,” wrote Wawa CEO Chris Gheysens in a…

Midwestern U.S. retailer Hy-Vee disclosed investigation findings this week from a data breach announced in mid-August impacting millions of customers utilizing its food and service point-of-sale (PoS) transaction machines. The investigation identified the operation of malware designed to access payment card data from cards used on PoS devices at certain Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants (which include the company’s Hy-Vee Market Grilles, Hy-Vee Market Grille Expresses and the Wahlburgers locations that Hy-Vee owns and operates). The Hy-Vee corporate cafeteria in West Des Moines, Iowa was also part of the malware infestation. The malware searched for track data…

Another week and another data breach from retail point-of-sale (POS) transaction machines. This time, retail store customers of Russell Stover’s Chocolates who used a payment card between February 9 and August 7 of this year could have had their payment card information captured by machines that were infected by malware. The company disclosed the breach this week after notifying authorities and launching its own investigation into the threat. Organization: Russell Stover Chocolates Timeframe of Breach: February 9 – August 7, 2019 Type of Attack: Retail POS Machine Malware Number of Records Affected: Not disclosed Information Involved: Payment card data including…

The attack involves malware installed on POS systems Add bookmark Checkers Drive-In Restaurants Inc. notified its customers that about 15% of its restaurants in 20 states may have had data exposures possibly starting back into 2015, and some lasting until about mid-April this year. The company operates and franchises nearly 900 restaurants. See Related: “Cyber Attack Takes Weather Channel Offline” The data security issue included nine locations in the Tampa area (where the parent company is based) and two in the Orlando area, where payment card data of some customers were obtained. “Based on the investigation, we determined that malware…

While Bitcoin’s value continues to swing wildly from one year to the next, its influence on the financial markets is being matched by its impact on the black market. Rising maturity and acceptance of cryptocurrency by the general public is being partly blamed for the simultaneous evolution of ransomware, with new strains and sophisticated techniques being reported. Cyber criminals are no longer taking a broad, ‘scatter-gun’ approach to ransom-based malware, but are using more targeted efforts underpinned by the fact that transference of cryptocurrency is easier to mask, according to cyber security thought leader, Joseph Steinberg. 'It is far easier…

Thus far in 2018, cyber security has dominated headlines and boardroom discussions. That is, as enterprises deepen their digital transformation efforts, they are witnessing the sheer power of cyber security, or lack thereof. Security teams are arming themselves for a lengthy campaign against the world’s black hats. While clandestine cyber activity has long mystified readers, consumers, end users and the security community, it has only intensified in recent years. Oftentimes, a verified breach is a useful way for CISOs to glimpse the latest threat vectors or vulnerabilities. Similarly, they become informative tools for senior executives to grasp the expansiveness of…

Cyber Security Hub Report Focuses On Mobile Threat Add bookmark Download Your Copy We respect your privacy, by clicking "Download Your Copy" you agree to having your details passed onto the sponsor who may promote similar products and services related to your area of interest subject to their privacy policy. You have the right to object. In addition, you will receive our e-newsletter, including information on related online learning opportunities. For further information on how we process and monitor your personal data, and information about your privacy and opt-out rights, click here. In the cyber security space, malicious software, or…