Cybersecurity journalist Brian Krebs first reported the incident via his blog, KrebsonSecurity, which details the possible breach impacting the San Jose, Calif.-based maker of credit card terminals.
“We are currently investigating an IT control matter in the Verifone environment,” said Verifone’s Senior Vice President and Chief Information Officer Steve Horan, in an internal email memo obtained by KrebsonSecurity. “As a precaution, we are taking immediate steps to improve our controls.”
The memo also instructed staff and contractors that they would no longer be able to install software on company-issued computers and laptops.
Although a company spokesman shared that in January 2017 Verifone did detect an intrusion in a “limited portion” of its internal network, he said that its payment services network was not affected.