Original URL: http://www.theregister.co.uk/2014/08/23/us_homeland_security_says_ups_malware_compromised_significant_number_of_enterprise_networks/

Backoff malware attacks hit 'more than 1,000 big businesses', warns US government

Secret Service: tell us if you've been infected

By Kelly Fiveash

Posted in Weekend Edition, 23rd August 2014 11:42 GMT

A Point-of-Sale malware attack that struck shipping outfit UPS has compromised the networks of a "significant" number of major businesses in the US, according to the country's Homeland Security office.

The US administration's Computer Emergency Readiness Team (CERT) advised administrators and operators of PoS systems to familiarise themselves with the Backoff malware alert posted by Homeland Security at the end of last month.

"Organisations that believe they have been infected with Backoff are also encouraged to contact their local US Secret Service Field Office," it added.

US businesses including Target, Supervalu and UPS Stores have been affected by the malware attack.

UPS discovered an outbreak of debit and credit-card-reading malware in 51 of its branches in the US earlier this week.

Miscreants are understood to have secretly ransacked the data of millions of payment cards from American customers, according to the New York Times, which - citing numbers from the Secret Service - reported that more than 1,000 US businesses had been compromised.

Last Wednesday, UPS coughed to the security breach and admitted credit and debit card data had been exposed at 51 of its stores between 20 January 2014 and 11 August 2014. As many as 100,000 transactions may have been snooped on, we were told, out of the millions normally running through the UPS network.

Names and addresses were also said to have been accessible by the malware in the affected systems. ®