Brian Krebs, a cyber-security journalist has reported that the renowned credit and debit card payment services facilitator firm Verifone has undergone an internal computer network breach. According to Krebs’ analysis, the breach although happened last year the company remained oblivious about it until January 2017.
Krebs explained that after receiving information about the breach, Verifone sent an urgent email to its employees and contractors on 23rd January 2017. In the email, Verifone warned them to change all the company passwords within 24 hours. The email was written by the senior vice president and chief information officer of Verifone, Steve Horan, and its memo read:
“We are currently investigating an IT control matter in the Verifone environment. As a precaution, we are taking immediate steps to improve our controls.”
Krebs narrated the chain of events in his blog post citing that Verifone is investigating the data breach in a secretive manner.
It must be noted that Verifone is a high profile American firm that is considered the leading provider of credit card terminals in the country. It sells point-of-sale services and terminals to aid the swiping and processing of credit and debit card payments across a variety of businesses including gas stations, retailers and taxis.
It is also being reported that the breach impacted some firms that run Verifone’s point-of-sale solutions. Whereas the San Jose, California-based Verifone has categorically stated that the breach’s scope was limited to its corporate network while the payment services system wasn’t affected at all. As per the information shared by the spokesperson for Verifone Andy Payment:
“Our payment services network was not impacted. We immediately began work to determine the type of information targeted and executed appropriate measures in response. We believe today that due to our immediate response, the potential for misuse of information is limited.”
As apparent from the memo, Verifone’s staff wouldn’t be able to install software of any type on their company laptops and PCs. This indicated that the breach occurred through downloading of malware. Verifone was informed about the breach by other credit card firms Mastercard and Visa only a few days before they sent out the email above.
Krebs cited a source according to which the breach has affected the customer support unit of Verifone, which is based in Clearwater, Florida. This unit provides payment solutions to petrol and gas stations across the USA including the pay-at-the-pump credit card processing system, manual cash registers that are installed inside the fuel station’s store, remote technical support and customer loyalty programs.
Krebs’ source also noted that there was potential evidence that Russia-based hacker group that is famous for targeting payment services and hospitality firms is responsible for compromising some portion of Verifone’s internal network.
Visa and Mastercard were tipped about the breach since mid-2016, and there was evidence that the attackers utilized a similar type of tools and techniques that were used by the cybercrime gang that hacked into Oracle’s MICROS division in 2016.
As per Krebs’ sources, Verifone has hired its strategic partner, a UK based digital forensics firm Foregenix LTD for the investigation of this breach. Verifone has also issued another statement about the information the company has managed to acquire about the breach so far. The latest statement reads:
“According to the forensic information to-date, the cyber attempt was limited to controllers at approximately two dozen gas stations and occurred over a short time frame. We believe that no other merchants were targeted and the integrity of our networks and merchants’ payment terminals remain secure and fully operational.”
DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.