Pizza stores popped, sandwich stores sacked in PoS plunder
Signature Systems 'fesses up to malware raid
Some 324 restaurants across the United States, including 216 Jimmy John's outlets, have had payment terminals compromised by malware after a breach at vendor Signature Systems.
The massive breach occurred when an intruder stole remote log-in credentials for Signature's point of sale (PoS) kit, according to cyber-crime reporter Brian Krebs.
Hackers broke into the vendor on 16 June, installing PoS malware that captured credit and debit card data along with expiration and verification information.
"We have determined that an unauthorised person gained access to a user name and password that Signature Systems used to remotely access POS systems," Signature Systems said in a statement.
"The unauthorised person used that access to install malware designed to capture payment card data from cards that were swiped through terminals in certain restaurants.
"[They] used a remote access tool to access the computers in the restaurants' that operate the point-of-sale systems and installed malware designed to capture payment card data."
The malware evaded anti-virus software and remained in Jimmy John's sandwich stores from June to 5 September this year.
Most of the other 108 stores were independent pizza shops, Signature Systems said.
Krebs said the breach brought into question the security integrity of the vendors' PDQ PoS product after he found it was not certified against the Payment Card Industry Data Security Standard past October 2013.
Worse, its defunct PCI DSS security auditor Chief Security Officers appeared to be the only auditor to have its certification revoked [PDF] by the Council, Krebs pointed out. ®