Malware on Buckle's PoS systems found

19.06.2017

Buckle-hacked 

 

The Buckle fashion retailer, that manages more than 450 stores across the United States, informs its customers that a malware has been detected on some of its payment systems.

According to the company, the malware was present in the PoS systems of some of the stores between October 28, 2016, and April 14, 2017.

The company hired external cybersecurity experts to investigate the incident and secure its network.

The discovered malware has the ability to steal data from a card’s magnetic stripe, including cardholder name, account number, and expiration date.

The Buckle believes the malicious software has failed to steal data from all transactions via infected PoS systems.

The company reported that all of its stores support EMV (chip card) technology, making it difficult to clone cards using stolen data. Nevertheless, hackers may abuse the compromised card data for various frauds.

The Buckle says there is no evidence that hackers have stolen the customers` social security numbers, e-mail addresses, and physical addresses, as there is no indication that its online store is affected.

“As part of Buckle’s response, connections between Buckle’s network and potentially malicious external IP addresses were blocked, potentially compromised systems were isolated, and malware-related files residing on Buckle’s systems were eradicated. Additionally, Buckle reported a potential incident to the payment card brands and is cooperating with them regarding this incident,” the company said in a statement.

The company, however, has not provided a list of shops affected by the hacker attack.

The news of the attack on Buckle's systems comes just two weeks after the Kmart's payment system, which operates more than 700 stores, was compromised.

Would you like to comment on this article?

Share

Latest news

15.12.2017

Hacker removed malware from Netgear site, the company failed to do so for 2 years

An anonymous hacker has removed malware from a Netgear site after the company failed to clean up a malware infection for more than two years.

15.12.2017

Hacker robbed church in Northern Ireland

The hacker told the priest that the church computer should be remotely accessible to fix an internet problem.

15.12.2017

Synaptics to remove keylogger from its drivers

The company has decided to remove the keylogger functionality from its products.

Sign up for our online newsletter!