Another US store, Rutters has made it to the news due to a POS malware attack. Reportedly, Rutter’s suffered a security breach at multiple locations as the malware pilfered customers’ payment card data.
The US-based chain of stores Rutters has recently disclosed a wave of POS malware attack that it suffered. Sharing the details in a security notice, Rutter’s revealed that the incident may have affected customers’ payment card data.
As elaborated, Rutter’s came to know of the incident from a third-party report, following which, they began investigating the matter. Digging further unveiled evidence of unauthorized access to their point-of-sale terminals.
The malware then scanned the cards used in transactions to pilfer cardholder names, card number, date of expiry, and internal verification code. However, for EMV cards scanned on EMV POS devices, the malware could only access the card number and expiration date.
The attack continued to exist on the POS systems for about seven months, that is, from October 1, 2018, to May 29, 2019. Yet, it persisted in a varying manner at various locations during this time period.
Rutter’s, after noticing the breach, started investigations over the matter whilst involving relevant cybersecurity firms. They also informed law enforcement authorities regarding the breach.