Breach, Threat Management, Data Security

Carwash POS systems hacked, card data stolen, used

What started out as a local investigation of a man using stolen credit cards in Everett, Wash., turned into a multistate investigation, including the U.S. Secret Service, that uncovered a string of hacks at carwashes nationwide and could be linked to source code stolen from Symantec in 2012, according to a report by Brian Krebs.

After receiving a call from police in South Carolina about the unauthorized use of a credit card at a Family Dollar Store in Everett, security footage from the stores, led investigators to eventually arrest a robbery victim, Jeanne Pierre, in Connecticut.

He had nine gift cards that had been reprogrammed with stolen credit card data nicked from Micrologic Associates point-of-sale (POS) systems by exploiting an old version of Symantec's pcAnywhere used in at least 40 carwashes. Some carwashes were using old passwords and running Microsoft XP.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.