You are here
Home > Be Aware > PoS malware skimmed convenience store customers’ card data for 8 months

PoS malware skimmed convenience store customers’ card data for 8 months

Wow, that’s a 9 month dwell time…:

US convenience store Wawa said on Thursday that it recently discovered malware that skimmed customers’ payment card data at just about all of its 850 stores.

The infection began rolling out to the store’s payment-processing system on March 4 and wasn’t discovered until December 10, an advisory published on the company’s website said. It took two more days for the malware to be fully contained. Most locations’ point-of-sale systems were affected by April 22, 2019, although the advisory said some locations may not have been affected at all.

The malware collected payment card numbers, expiration dates, and cardholder names from payment cards used at “potentially all Wawa in-store payment terminals and fuel dispensers.” The advisory didn’t say how many customers or cards were affected. The malware didn’t access debit card PINs, credit card CVV2 numbers, or driver license data used to verify age-restricted purchases. Information processed by in-store ATMs was also not affected. The company has hired an outside forensics firm to investigate the infection.

[…]

Original article here

Peter Glock
Over 30 years of designing, building and managing telecoms and IT services. Primarily working with large enterprise and professional services businesses in Asia, North America, continental Europe and the UK. Information security professional, secret physics nerd.
https://brownglock.com

Similar Articles

Leave a Reply

Top
%d bloggers like this: