Dimanche, 24 Juin 2018
Dernières nouvelles
Principale » Hackers stole credit card data from Buckle stores

Hackers stole credit card data from Buckle stores

19 Juin 2017

Later Friday evening, The Buckle Inc. released a statement saying that point-of-sale malware was indeed found installed on cash registers at Buckle retail stores, and that the company believes the malware was stealing customer credit card data between October 28, 2016 and April 14, 2017.

Virtually every other country that has made the jump to chip-based cards saw fraud trends shifting from card-present to card-not-present (online, phone) fraud as it became more hard for thieves to counterfeit physical credit cards.

"All Buckle stores had EMV ("chip card") technology enabled during the time that the incident occurred and we believe the exposure of cardholder data that can be used to create counterfeit cards is limited", the retailer said.

However, Buckle assured shoppers that no email addresses, physical mailing addresses or social security numbers were compromised.

Trump aides Kushner and Greenblatt to visit Israel, Palestinians this week
US President Donald Trump has repeatedly voiced his eagerness to reach a peace agreement, calling it "the ultimate deal ". Before this, the two gentlemen have accompanied the USA president during his visit to Jerusalem and Bethlehem last May.

On Friday morning, KrebsOnSecurity contacted The Buckle after receiving multiple tips from sources in the financial industry about a pattern of fraud on customer credit and debit cards which suggested a breach of point-of-sale systems at Buckle stores across the country.

The malware copied account data stored on the magnetic stripe on payment cards such as cardholder names, card numbers and expiration dates. The company disclosed the breach less than 24 hours later. "Any affected individuals either have or will likely receive communications from their issuing banks with additional instructions and/or replacement cards".

"Buckle promptly engaged forensic experts who performed a detailed investigation of Buckle's environment". As part of Buckle's response, connections between Buckle's network and potentially malicious external IP addresses were blocked, potentially compromised systems were isolated, and malware-related files residing on Buckle's systems were eradicated. "Additionally, Buckle reported a potential incident to the payment card brands and is cooperating with them regarding this incident", the company said in a statement.

"We take the protection of payment card data very seriously", the company said.

Hackers stole credit card data from Buckle stores