[BreachExchange] Fashion Retailer Buckle Finds Malware on PoS Systems

Audrey McNeil audrey at riskbasedsecurity.com
Mon Jun 19 19:49:03 EDT 2017 

http://www.securityweek.com/fashion-retailer-buckle-finds-
malware-pos-systems

The Buckle, Inc., a fashion retailer that operates more than 450 stores
across the United States, informed customers on Friday that malware had
been found on some of its point-of-sale (PoS) systems.

According to the retailer, malware was present on PoS systems at some of
its stores between October 28, 2016, and April 14, 2017. The company has
called in outside experts to investigate the incident and help secure its
network.

The malware was designed to steal data from a card’s magnetic stripe,
including cardholder name, account number and expiration date, but The
Buckle believes the malware did not collect data from all transactions
conducted via infected PoS systems.

The company pointed out that all its stores support EMV (chip card)
technology, which makes it significantly more difficult to clone cards
using stolen data. Nevertheless, the compromised payment card data can
still be useful to cybercriminals, particularly for card-not-present fraud.

The Buckle said there was no evidence that social security numbers, email
addresses or physical addresses were obtained by the attackers, and there
is no indication that its website and online store are affected.

“As part of Buckle’s response, connections between Buckle’s network and
potentially malicious external IP addresses were blocked, potentially
compromised systems were isolated, and malware-related files residing on
Buckle’s systems were eradicated. Additionally, Buckle reported a potential
incident to the payment card brands and is cooperating with them regarding
this incident,” the company said in a statement.

The Buckle has advised customers to keep an eye out for any suspicious
activity on their payment card, and immediately report any unauthorized
charges to the card issuer. A list of affected stores has not been made
available.

The Buckle’s announcement comes just two weeks after big box department
store chain Kmart, which operates more than 700 stores, informed customers
of a payment card breach.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170619/b78fb24b/attachment.html>

More information about the BreachExchange mailing list