POS manufacturer breach puts cards at risk

POS manufacturer breach puts cards at risk

Some 324 restaurants across the United States have had card data swiped following a breach at POS manufacturer Signature Systems.

Signature Systems says it discovered the intrusion in late July when a forensic investigation found malware on a client's POS device that had not been picked up by the restaurant's anti-virus program.

Further invesitgations revealed that an "unauthorised person" gained access to a user name and password that Signature Systems used to remotely access POS systems. The hacker used that access to install malware designed to capture payment card data from cards that were swiped through terminals in certain restaurants. The malware was capable of capturing the cardholder's name, card number, expiration date, and verification code from the magnetic stripe of the card.

The incident affected 216 Jimmy John's sandwich stores and 108 other restaurant locations.

"After learning of the potential issue on July 30, by August 5, we had removed the malware from most of the affected locations," states Signature Systems. "For a small percentage, we were not able to completely remove the malware from all devices in the system until mid-September."

The firm says that although it knows the affected locations and time frames when cards were at risk, "we do not have access to transaction information that would let us know how many cards were used in those stores during the at risk times".

Comments: (1)

A Finextra member
A Finextra member 29 September, 2014, 13:01Be the first to give this comment the thumbs up 0 likes

Can anyone explain how anti virus can block malware on POS terminal? This type of malware is written especially to target a specific POS terminal. Anti virus systems are signature based and looks for known threats and are generally unable to detect unknown threats (so called zero day threats).