Criminals install fraudulent terminals at US retailer

US retailer Hancock Fabrics is warning customers that PIN pad units at several of its stores were stolen and replaced with "visually identical, but fraudulent" units last year, putting card data at risk.

In an open letter to customers the firm warns the scam, which occurred between August and September last year, has provided crooks with access to names printed on customer payment cards, card numbers and expiration dates and PINs.

Hancock Fabrics says reported incidents of fraud have been "limited" but says customers who shopped at the store last Summer should check their account statements.

The retailer is working with state and federal authorities and is replacing all PIN pads as well as installing an automated system to monitor them for suspicious activity.

Channels

Retail banking Security Payments

Keywords

Cards Eftpos

Comments: (1)

Nick Ogden - RTGS.global - London 17 March, 2010, 08:45

Be the first to give this comment the thumbs up

0 likes

This was an accident waiting to happen. It is bizarre that only one US processor to my knowledge Heartland, has introduced encryption at the POS level to prevent this type of occurrence.

Ironically I patented a POS device that included a GPS chip so that geo location could be used as part of the transaction authorisation process, so transaction could only occur from approved locations in 2000. There is always a trade off between hardware cost and functionality, and the ability to open a retailers wallet to pay for additional features, but with the Heartland system also resolving retailer PCI issues, there may be a change already happening, which this incident may accidentally accelerate.