Point-of-Sale (POS) attacks always entice criminal hackers due to the considerable financial gains they achieve. Nonetheless, such attacks always frighten businesses since they directly affect their credibility. Once again, some bad actors managed to victimize a POS firm. The devastating malware attack subsequently targeted more than 130 locations.
POS Firm Hacked To Expose Customer’s Payment Information
A Minnesota based POS Firm has recently confirmed it had suffered a cyber attack. Allegedly, the firm North County Business Products Inc. suffered a malware attack last month. As a result, the attackers managed to pilfer payment information of some consumers. Whereas, the attack had a widespread impact affecting 130+ outlets. NCBP is a point-of-sale (POS) solutions provider having a large clientele across the United States.
As stated in their security notice, the attack lasted for about 22 days – precisely, between January 3, 2019, and January 24, 2019. The firm noticed the attack on January 4, 2019.
“On January 4, 2019, North Country learned of suspicious activity occurring within certain client networks.”
After the incident, the firm involved relevant experts and begun investigating the matter. The investigations revealed that they had suffered a malware attack that facilitated the attackers to pilfer payment card data and other details.
“The investigation determined that an unauthorized party was able to deploy malware to certain of North Country’s business partners restaurants… that collected credit and debit card information. Specific information potentially accessed includes the cardholder’s name, credit card number, expiration date, and CVV.”
Besides, North Country has also listed the 136 outlets that allegedly suffered this malware attack.
NCBP Confirms Issue Has Been Rectified
Although, it took some time for North County Business Products Inc. to contain the attack. However, they now confirm rectification of the issue.
“North Country engaged professionals who have corrected the issue… North Country immediately launched an investigation, working with third-party forensic investigators to determine the nature and scope of the event.”
Moreover, they also pledge to strengthen their systems to ensure adequate security to the customers’ data.
Earlier this month, a similar POS attack targeted Huddle House – a chain of restaurants in the US. That time, the attackers exploited third-party POS data systems to deploy malware.