It hasn’t been that long since the Target Corp. and Neiman Marcus security breaches, and now cybersecurity firm IntelCrawler has discovered at least six ongoing attacks at other U.S. merchants.
Retailers in California and New York were among those compromised by the latest attacks. They haven’t revealed how many individuals were affected.
It appears the retailers’ credit card processing systems were infected with the same malicious software used to steal data from Target and Neiman Marcus. It’s called BlackPOS and was developed by a 17 year-old hacker living in St. Petersburg, Russia, whose nickname is “Ree4.”
BlackPOS is a RAM scraper that allows cybercriminals to steal encrypted data by grabbing it when it’s in plain text as it travels through the memory of a computer. The fear is that copycat cybercriminals will use similar software which is now available online.
iSIGHT Partners is helping the U.S. Secret Service investigate the attacks. They believe the pace of these attacks will increase. Most of the attacks to date have occurred in the U.S., but about 30 percent took place in other countries, including Australia and Canada.
Credit card companies, banks and retailers say individuals affected by the theft will be credited for the fraudulent purchases. However, debit card fraud could result in money being drained from a bank account, mutual fund or other cash account.
What You Should Do.
- Watch for unauthorized activity on your debit or credit card and if found, alert your card issuer immediately.
- Don’t open random or suspicious emails.
- Save your receipts and compare them to your credit and debit card statements.
- Obtain a free copy of your credit report.