Breach, Threat Management, Data Security, Malware

POS malware steals card data, maybe fingerprints, from workplace food kiosks

Avanti Markets, a leading "micro market" vending company, has suffered a malware attack that allowed adversaries to steal payment and possibly fingerprint data from customers who used its self-service payment kiosks to purchase goods in various corporate workspaces.

According to an online statement from Avanti, the company on July 4 discovered a "sophisticated malware attack" that affected kiosks at some, but not all, micro market locations. Stolen data may include the full names, card numbers and expiration dates of credit and debit card users, the names and possibly email addresses of Market Card pre-paid card users, and potentially the biometric information of customers who used the kiosks' fingerprint-based verification technology to authorize a purchase.

Security expert Brian Krebs reported in a blog post over the weekend that hackers specifically breached the internal networks of Tukwila, Wash.-based Avanti and subsequently pushed out the malicious software to the kiosks. Krebs also referenced a July 7 blog post from RiskAnalytics, whose analysts found that a client's break room vending kiosks from Avanti were infected by what appears to be the POS malware PoSeidon (aka FindPOS). RiskAnalytics made this assessment based on malicious traffic patterns and specifically the discovery of a SSL certificate linked to this malware family.

According to the Avanti website, the company operates micro markets in 46 states, serving 200 million products annually to 1.6 million customers. Avanti said that in response to the incident, it has taken steps to secure its internal systems, shut down payment processing at some locations, begun removing malware from infected systems, hired a forensic investigation firm and contacted the FBI and other authorities. The company said it will attempt to identify victims and offer credit monitoring and other helpful services to affected individuals.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.