Minnesota vendor of POS products confirms security breach

The past week was a misfortune for North Country Business Products the company in Minnesota which supplies POS (point-of-sale) products, as hackers broke into its information technology network followed with implanting malware onto POS networks belonging to a few of its clients, NCBP said.

In its data breach warning, NCBP elaborated that initially North Country noticed dubious operations, January 4, on the networks belonging to few of its customers. There was then a joint probe in which an intermediate cyber-security forensic company participated, leading to the conclusion that the breach occurred because of malware installed onto networks of NCBP's associate restaurants.

On 30th January, the probe substantiated there was a hack; however NCBP states, the attacker apparently realized that investigation was on by security experts, so it stopped its operations January 24. Currently, there's a list from NCBP delineating 139 locations which were compromised and on whose POS networks the attacker planted malware. The locations comprised of restaurants, coffee shops and bars, a few of which were standalone businesses, whilst the remaining were franchises within different hotel chains. Using their malicious software, the threat actors potentially managed acquiring admission into cardholders' names, their cards' CVV, expiration dates along with card numbers.

NCBP's ongoing probe includes determining the hack's nature while it still requires figuring out what way the different businesses have been affected. In one correspondence dispatched to all impacted clients, the POS supplier has asked whether any business had enabled its "encryption capability" for their POS systems, since the malware could then be prevented against being operational. www.zdnet.com posted this, February 20, 2019.

The hack warning tells that North Country regards the mishap along with their client info's security extremely seriously. NCBP, in the meantime, has made its processes up-to-date for even more strengthening its devices towards safeguarding its associates' client payment card details while is set to keep working with intermediate specialists towards making sure security is at its highest level.

NCBP is also offering information about 'ID-theft and fraud' to people impacted with the hack, urging them for checking their account statements for any dubious transactions, and accordingly inform their card issuing banks.

» SPAMfighter News - 2/22/2019