Vandals hack checkout terminals at California supermarkets

Share this article:

Criminals tampered with the credit and debit card readers placed on a number of self-checkout terminals belonging to a California supermarket chain, which resulted in dozens of instances of account fraud.

Twenty Lucky Supermarkets locations reported that their card readers were compromised, according to a Monday statement from parent Save Mart.

As of Monday, the company had received about 80 reports of employees or customers whose credit or debit card accounts were accessed to either conduct fraud or attempt to make a unauthorized transaction.

"We strongly recommend our customers who used a self-checkout lane in the affected stores contact their financial institutions to close existing accounts and seek further advice," according to the statement, which listed all of the impacted outlets.

Accounts of skimming on devices such as point-of-sale (POS) terminals and ATMs notably have risen over the last couple of years.

Avivah Litan, a Gartner vice president and analyst, said these types of attacks typically are perpetrated by an organized racket who have deep knowledge of the POS equipment used by their targets.

In an email to SCMagazineUS.com on Thursday, she explained how the crime ring's organizational structure functions.

"The ringleader(s) hire ‘flackies' to insert skimmers in the equipment or to replace the equipment Save Mart has have installed altogether," Litan said. "Most likely it's the former option. They then hire the counterfeit specialists that turn the stolen data into counterfeit cards (with PIN numbers, if they have them) taped on to the counterfeit cards. And finally they hire the ‘cash out' flunkies to use the cards at ATM machines or other POS systems to turn the stolen cards into stolen cash or easily fence-able goods (like TVs, tablets or other electronic goods)."

She added that the crooks hired to withdraw the cash or resell the stolen merchandise work quickly before fraud detection systems can catch on to the scam.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.