Security News > 2020 > February > Over 70 Rutter's Stores Hit by Payment Card Breach
The company said it discovered the breach recently, after being notified by a third-party that "There may have been unauthorized access to data from payment cards that were used at some Rutter's locations."
Rutter's investigation revealed on January 14 that hackers had planted malware on payment processing systems, allowing them to obtain information from credit and debit cards used at point-of-sale devices at fuel pumps and convenience stores.
The malware was designed to look for card track data, which includes cardholder name, card number, expiration date and internal verification code.
In the case of customers who inserted their EMV cards into the terminal's chip reader, the malware may have only stolen the card number and expiration date.
The malware was mostly present between October 1, 2018, and May 29, 2019, but in some cases the theft of payment card data may have started on August 30, 2018, or September 20, 2018.