Three Different US Stores Report POS Malware Attacks In The Same Week

Happy woman paying for cafe by credit card

Cybercriminals seemed to have stepped up on a malicious campaign in the previous week. Reportedly, three different e-commerce stores in the US fell prey to POS malware attacks. In all the incidents, the attackers succeeded in stealing customer payment card data.

Security Breach At Wawa Stores

In a security notice, the chain of convenience stores Wawa disclosed a security breach. In brief, the security team at Wawa discovered a malware attack on December 10, 2019. The attack potentially began on March 4, 2019, and affected almost all Wawa stores in different locations.

Upon detecting the malware, the team contained the attack on December 12, 2019, two days from the detection. However, they suspect that the attackers have stolen users’ payment card data in the duration of the attack. As stated in the notice,

Based on our investigation to date, this malware affected payment card information, including credit and debit card numbers, expiration dates, and cardholder names on payment cards used at potentially all Wawa in-store payment terminals and fuel dispensers beginning at different points in time after March 4, 2019, and ending on December 12, 2019.

They stated that other personal details such as driver’s license information, PIN numbers, CVV2 numbers of the credit cards, remained safe.

POS Malware Attacks At Two Restaurants

In addition to Wawa, two US-based restaurants also disclosed similar POS malware attacks at the same time. One of these includes the Champagne French Bakery Café, which, as disclosed, suffered a malware attack from February 13, 2019, to September 27, 2019.

During the said period, the malware, which specifically targeted magnetic stripe data, compromised eight different locations. However, it couldn’t extract any data at seven of these locations in March 2019. The breached information includes cardholder’s names, card numbers, internal verification code and dates of expiration.

Likewise, a similar incident took place at the Islands Restaurant. As elaborated in their notice, the nature, timeline, and duration of the malware attack looked exactly the same as that of the Champagne French Bakery Café. Eventually, the restaurant contained the attack and removed the malware from its systems.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients