Malware a growing threat to point of sale systems


By Andrew Bagrin

One of the nation’s largest cosmetic companies, Sally Beauty Supply, announced a point-of-sale (POS) breach at several of its U.S. stores spanning a six-week period beginning in March.

It has yet to be determined if the POS malware was injected physically or remotely. The company has waved the red flag and confirmed that payment card data was stolen – including customer names, credit and debit card information, expiration dates and verification values.

Shifting gears to the restaurant industry, grocery store chain Eataly reports a malware-related POS breach from January 16  – April 2 that has affected its New York location, one of 27 stores worldwide. While the good news is that only one of the company’s stores appears to have been compromised, POS security is still in question at the other locations.

The lesson – POS malware is becoming a go-to method for intruders to gain access into confidential payment card data. According to the 2015 Verizon Data Breach Investigations Report, 70-90 percent of malware is unique to a certain location. Cyber criminals are becoming more and more sophisticated and introducing modifications to keep victims in the dark. That being said, it only makes sense for businesses to ramp up security of all POS systems, as they’ve become an easy target in recent months. Security experts are urging for more enhanced penetration testing to pinpoint the root of how the malware is getting through.

Strands to keep A  close eye out  for

 With new malware strands emerging daily, it’s critical to keep up-to-speed and know what to look out for.

A recently identified strain known as Punkey is stealing headlines since its origination in a breach at a U.S. restaurant chain. The malware exploits remote entry passwords for POS systems or enters via cashiers using the POS computer to surf compromised sites.

The danger here is that is uses memory-scraping POS malware that can be used to compromise any Windows-based POS network. Experts say it’s tough to crack, because it encrypts the compromised data it infiltrates.

MalumPOS is another threat we should keep our eyes out for, as it targets POS devices running on the Oracle MICROS platform, commonly used among the restaurant and hospitality industry.

At this stage of the game, we know cyber criminals are on the prowl and searching for any open entryway to confidential data. While we can’t put a stop to these threats, we can educate ourselves and have multi-layer defenses in place to hopefully minimize the number of breaches we’ve become accustomed to seeing splashed across headlines recently!

Editor’s note: Bagrin is the Founder and Chief Executive Officer of My Digital Shield, Wilmington, a cyber security firm for smaller businesses. This column  is part of a company blog.  

Facebook Comments
Previous articleSallie Mae earnings increase in second quarter
Next article(Kudos) Business achievements – July 26, 2015
Delaware Business Now is a four-year-old, five-day-a-week newsletter and website operated by Bird Street Media LLC. Publisher and Chief Content Officer is Doug Rainey, a 30-year veteran of business journalism in the state of Delaware.  Business Now focuses on breaking business news in Delaware and immediate adjacent areas with apropriate background and perspective. Also offered exclusively in our FREE newsletter is commentary on state and regional issues. Have a complaint, question or even a compliment? Send an email to For advertising information, click on the About tab at the top of the home page Our business hours are 8 a.m. to 5 p.m., Monday through Friday. Call us at 302.753.0691.