Security News

Dickey's Barbecue Pit Investigating Possible Breach Affecting 3M Payment Cards
2020-10-16 18:46

A data set of millions of payment card records apparently stolen from US-based restaurant franchise Dickey's Barbecue Pit has emerged on a Dark Web marketplace, Gemini Advisory reports. There are 469 locations across 42 states that are operating under the Dickey's Barbecue Pit franchise, each of them allowed to use the type of point-of-sale device they like, as well as their preferred processors.

Dickey’s BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker’s Stash
2020-10-16 16:13

Popular U.S. smoked-meat franchise Dickey's Barbecue Pit has been hit with a data breach, with cybercriminals posting the fat cap of the compromised data - 3 million payment cards - on the popular Joker's Stash underground marketplace this week. "We are utilizing the experience of third parties who have helped other restaurants address similar issues and also working with the FBI and payment card networks. We understand that payment card network rules generally provide that individuals who timely report unauthorized charges to the bank that issued their card are not responsible for those charges."

Cybercriminals Target Conference Platform With Payment Card Skimmer
2020-10-09 11:05

Cybercriminals have planted a payment card skimmer on the websites of several organizations using the Playback Now conference platform, Malwarebytes reported on Thursday. The customer websites hosted on it - customers receive a dedicated website which they can use to serve their content - had been injected with a payment card skimmer that allowed the attackers to steal the financial information of users purchasing conference materials from those sites.

Verizon: Just 25% of global businesses comply fully with the Payment Card Industry Data Security Standard
2020-10-06 17:41

A little more than a quarter of companies worldwide are fully compliant with the exacting PCI DSS online payment security standard, according to US telco Verizon. The company's 2020 Payment Security Report found that only 27 per cent of organisations worldwide were in line with the full ambit of the PCI DSS for handling payment card data in online purchases.

Infineon and Fingerprint Cards partner to enable mass deployment of biometric payment cards
2020-08-16 23:30

Biometric payment cards with an integrated fingerprint sensor make contactless payments more convenient, more secure and hygienic. Infineon Technologies and Fingerprint Cards have joined forces to enable mass deployment of this emerging solution.

Cybercriminals Could Be Cloning Payment Cards Using Stolen EVM Data
2020-07-31 13:54

Cybercriminals could be stealing data from payment cards with EMV chips and using it to create magnetic stripe cards which they can use for card-present transactions, cybersecurity firm Gemini Advisory reported on Thursday. This enables cybercriminals who can steal EMV card data to encode that data on a magnetic stripe, inserting the iCVV instead of the CVV that is expected to be on the magnetic stripe.

No Wiggle room: Two weeks after angry bike shop customers report mystery orders on their accounts, firm confirms payment cards delinked
2020-06-16 16:00

Brit cycling equipment shop Wiggle confirmed to The Reg today it was delinking customers' payment cards from their accounts, two weeks after first receiving complaints that orders were appearing on customers' accounts that they had not made themselves. Ross Clemmow, CEO at Wiggle, told The Reg: "[W]e understand a small number of customers' login details have been acquired outside of Wiggle's systems and some have been used to gain access to Wiggle accounts and purchases made.

Claire’s Customers Targeted with Magecart Payment-Card Skimmer
2020-06-15 15:36

A Magecart credit-card skimmer was used to attack online customers of the retailer Claire's for a month and a half, according to researchers. "Following common Magecart malpractice, payment skimmers were injected and used to steal customer data and cards," according to Sansec.

Collection of South Korean, U.S. Payment Cards Emerges on Underground Market
2020-04-27 11:26

A collection of approximately 400,000 payment card records, mainly from South Korea and the United States, has emerged on the dark web this month, Group-IB reports. Uploaded on a popular darknet cardshop on April 9, this collection represents the largest sale of South Korean records on underground markets this year, the cyber-security company warns.

Tupperware Cyberattack Stores Away Customer Payment Cards
2020-03-26 18:16

Though Tupperware never responded to multiple attempts at contact by researchers, as of March 25, after research was publicly disclosed detailing the card skimmer, the malicious code was removed from the homepage. Researchers first came across the card skimmer during a web crawl, when they identified a suspicious iframe - responsible for displaying the payment form fields presented to online shoppers - that was loaded on the Tupperware[.