By Andrew Bagrin
One of the nation’s largest cosmetic companies, Sally Beauty Supply, announced a point-of-sale (POS) breach at several of its U.S. stores spanning a six-week period beginning in March.
It has yet to be determined if the POS malware was injected physically or remotely. The company has waved the red flag and confirmed that payment card data was stolen – including customer names, credit and debit card information, expiration dates and verification values.
Shifting gears to the restaurant industry, grocery store chain Eataly reports a malware-related POS breach from January 16 – April 2 that has affected its New York location, one of 27 stores worldwide. While the good news is that only one of the company’s stores appears to have been compromised, POS security is still in question at the other locations.
The lesson – POS malware is becoming a go-to method for intruders to gain access into confidential payment card data. According to the 2015 Verizon Data Breach Investigations Report, 70-90 percent of malware is unique to a certain location. Cyber criminals are becoming more and more sophisticated and introducing modifications to keep victims in the dark. That being said, it only makes sense for businesses to ramp up security of all POS systems, as they’ve become an easy target in recent months. Security experts are urging for more enhanced penetration testing to pinpoint the root of how the malware is getting through.
Strands to keep A close eye out for
With new malware strands emerging daily, it’s critical to keep up-to-speed and know what to look out for.
A recently identified strain known as Punkey is stealing headlines since its origination in a breach at a U.S. restaurant chain. The malware exploits remote entry passwords for POS systems or enters via cashiers using the POS computer to surf compromised sites.
The danger here is that is uses memory-scraping POS malware that can be used to compromise any Windows-based POS network. Experts say it’s tough to crack, because it encrypts the compromised data it infiltrates.
MalumPOS is another threat we should keep our eyes out for, as it targets POS devices running on the Oracle MICROS platform, commonly used among the restaurant and hospitality industry.
At this stage of the game, we know cyber criminals are on the prowl and searching for any open entryway to confidential data. While we can’t put a stop to these threats, we can educate ourselves and have multi-layer defenses in place to hopefully minimize the number of breaches we’ve become accustomed to seeing splashed across headlines recently!
Editor’s note: Bagrin is the Founder and Chief Executive Officer of My Digital Shield, Wilmington, a cyber security firm for smaller businesses. This column is part of a company blog.