What started out as a local investigation of a man using stolen credit cards in Everett, Wash., turned into a multistate investigation, including the U.S. Secret Service, that uncovered a string of hacks at carwashes nationwide and could be linked to source code stolen from Symantec in 2012, according to a report by Brian Krebs.

After receiving a call from police in South Carolina about the unauthorized use of a credit card at a Family Dollar Store in Everett, security footage from the stores, led investigators to eventually arrest a robbery victim, Jeanne Pierre, in Connecticut.

He had nine gift cards that had been reprogrammed with stolen credit card data nicked from Micrologic Associates point-of-sale (POS) systems by exploiting an old version of Symantec's pcAnywhere used in at least 40 carwashes. Some carwashes were using old passwords and running Microsoft XP.