The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: pos machine hacking

Wawa Breach: Hackers Put 30 Million Stolen Payment Card Details for Sale

Wawa Breach: Hackers Put 30 Million Stolen Payment Card Details for Sale

January 30, 2020Wang Wei
Remember the recent payment card breach at Wawa convenience stores ? If you're among those millions of customers who shopped at any of 850 Wawa stores last year but haven't yet hotlisted your cards, it's high time to take immediate action. That's because hackers have finally put up payment card details of more than 30 million Wawa breach victims on sale at Joker's Stash, one of the largest dark web marketplaces where cybercriminals buy and sell stolen payment card data. As The Hacker News reported last month, on 10th December Wawa learned that its point-of-sale servers had malware installed since March 2019, which stole payment details of its customers from potentially all Wawa locations. At that time, the company said it's not aware of how many customers may have been affected in the nine-month-long breach or of any unauthorized use of payment card information as a result of the incident. Now it turns out that the Wawa breach marked itself in the
Landry's Restaurant Chain Suffers Payment Card Theft Via PoS Malware

Landry's Restaurant Chain Suffers Payment Card Theft Via PoS Malware

January 02, 2020Mohit Kumar
Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale (POS) systems that allowed cybercriminals to steal customers' payment card information. Landry's owns and operates more than 600 bars, restaurants, hotels, casinos, food and beverage outlets with over 60 different brands such as Landry's Seafood, Chart House, Saltgrass Steak House, Claim Jumper, Morton's The Steakhouse, Mastro's Restaurants, and Rainforest Cafe. According to the  breach notification published this week, the malware was designed to search for and likely steal sensitive customer credit card data, including credit card numbers, expiration dates, verification codes and, in some cases, cardholder names. The PoS malware infected point-of-sale terminals at all Landry's owned locations, but, fortunately, due to end-to-end encryption technology used by the company, attackers failed to steal payment card data from cards swiped at its
Hackers Stole Customers' Credit Cards from 103 Checkers and Rally's Restaurants

Hackers Stole Customers' Credit Cards from 103 Checkers and Rally's Restaurants

May 31, 2019Swati Khandelwal
If you have swiped your payment card at the popular Checkers and Rally's drive-through restaurant chains in past 2-3 years, you should immediately request your bank to block your card and notify it if you notice any suspicious transaction. Checkers, one of the largest drive-through restaurant chains in the United States, disclosed a massive long-running data breach yesterday that affected an unknown number of customers at 103 of its Checkers and Rally's locations—nearly 15% of its restaurants. The impacted restaurants [ name, addresses and exposure dates ] reside in 20 states, including Florida, California, Michigan, New York, Nevada, New Jersey, Florida, Georgia, Ohio, Illinois, Indiana, Delaware, Kentucky, Louisiana, Alabama, North Carolina, Pennsylvania, Tennessee, West Virginia and Virginia. After becoming aware of a "data security issue involving malware" at some Checkers and Rally's locations, the company launched an extensive investigation which r
Hackers Steal Payment Card Data From Over 1,150 InterContinental Hotels

Hackers Steal Payment Card Data From Over 1,150 InterContinental Hotels

April 20, 2017Swati Khandelwal
InterContinental Hotels Group (IHG) is notifying its customers that credit card numbers and other sensitive information may have been stolen after it found malware on payment card systems at 1,174 franchise hotels in the United States. It's the second data breach that U.K.-based IHG, which owns Holiday Inn and Crowne Plaza, has disclosed this year. The multinational hotel conglomerate confirmed a credit card breach in February which affected 12 of its hotels and restaurants. What happened? IHG identified malware accessing payment data from cards used at front desk systems between September 29 and December 29, 2016, but the malware was erased after the investigation got completed in March 2017. "Many IHG-branded locations are independently owned and operated franchises and certain of these franchisee operated locations in the Americas were made aware by payment card networks of patterns of unauthorized charges occurring on payment cards after they were legitimately us
Over 1000 Wendy's Restaurants Hit by Credit Card Hackers

Over 1000 Wendy's Restaurants Hit by Credit Card Hackers

July 08, 2016Mohit Kumar
The Popular fast-food restaurant chain Wendy's on Thursday admitted that a massive cyber attack had hit more than 1,000 of its restaurants across the country. The burger chain did not speculate how many people may have been affected, though it did confirm that the hackers were able to steal its customers' credit and debit card information. The data breach is more than three times bigger than initially thought. The original data breach was believed to have affected " fewer than 300 " of its 5,144 franchised locations in the United States when the malware was discovered in May. The Malware had been installed on Point-of-Sale (PoS) systems in the affected restaurants and was able to obtain cardholder's name, payment card number, expiration date, service code, cardholder verification value, among other data. The data breach began in fall 2015 and discovered in February this year, and the company went public with in May. Just last month, Wendy's s
Russian ATM Hackers Steal $4 Million in Cash with 'Reverse ATM Hack' Technique

Russian ATM Hackers Steal $4 Million in Cash with 'Reverse ATM Hack' Technique

November 25, 2015Mohit Kumar
Russian hackers have discovered a novel technique to rip off Millions of dollars from banks and ATMs. Criminals in Russia used a technique, called " Reverse ATM Attack ," and stole 252 Million Rubles ( US$3.8 Million ) from at least five different banks, according to the information obtained by Russian digital intelligence firm Group-IB . What is Reverse ATM Attack? According to the intelligence firm, an attacker would deposit sums of 5,000, 10,000 and 30,000 Rubles into legitimate bank accounts using ATMs, and immediately withdraw the same amounts right away with a printed receipt of the payment transaction. The details included in the receipt, containing a payment reference number and the amount withdrawn, would then be transferred to a partner hacker, who had remote access to the infected POS terminals, usually located outside of Russia. Also Read: German Bank ATMs vulnerable to Hackers The partner hacker would then use these details to perform a reversal
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.