Parking Service Facilitator’s Networks Hacked for Payment Card Details
The parking management facilitator SP+, of late, declared that hackers intruded into the networks at 17 service stations out of its total existing within U.S. and possibly stole credit/debit card numbers of an unspecified volume, published threatpost.com dated December 1, 2014.
On 3rd November 2014, one payment processor of SP+ notified the company that the attackers by utilizing the remote management software of the processor accessed PCs that were kept at SP+ service stations within Evanston, Chicago, Seattle, Philadelphia, Cleveland and Ill.
SP+ officially stated that the non-authorized individual planted malware with the help of a RAT (remote access tool) to hunt payment card details getting routed via PCs which received card payments from those using the parking services. Spplus.com published this, November 28, 2014.
According to SP+, the malicious software managed at stealing cardholder details comprising consumer's card number, its verification code and expiration date, along with his name.
SP+ didn't possess enough info for determining if any particular credit or debit cards got filched alternatively for dispatching notification correspondences to those card-owners who might've been affected, still the company desired in making its customers aware of the breach at the earliest, it stated.
SP+ further stated that each-and-every of it's affected servers were sanitized of the malware as well as that it had enforced extra safety steps, most importantly the dual-factor validation during conduction of remote access.
Nevertheless, the company didn't say anything about the kind of malware that infected the computers.
According to SP+, it was extremely sorry for any inconvenience the happening might cause. For clients who had any queries they could dial the helpline number of the company between Monday and Friday during 7:00AM-7:00PM Central Standard Time.
In the meantime, considering the successes POS malware has gained over time, it is little astonishing that this threat has been increasingly employed. When a POS malware called BlackPOS attacked 'Target,' a U.S. retailer, cyber-criminals stole over 40m payment card records.
Similarly, again in U.S., many attacks were waged using Backoff a kind of RAM scrapper, with the American Secret Service, during August 2014, uncovering 1,000-or-more enterprises which the malware had targeted.
» SPAMfighter News - 12/5/2014