Saturday, June 15, 2024

Hackers Steal the Credit Cards Information of Buckle, Inc by Injecting Malware in Their Payment Data Systems

One of the biggest Retailer in US Buckle, Inc under Cyber Attack in their Payment card Data systems where hacker inject a Malware to steal the Customers Credit card data and company operates 465 stores in 44 U.S .

This Malicious Software was identified Buckle retail store location point-of-sale (POS) system.according to the forensic report, this Malware silently record the customers Credit card information including Account number, account holder’s name, and expiration date .

Malware installed on cash registers at Buckle retail stores Point of sale and purchases made on its online store were not affected.

Buckle believes that certain payment cards used in its stores between October 28, 2016 and April 14, 2017 may have been affected.

This Malware only affected in certain period of time in a day at point of sale and malware did not collect data from all transactions or all POS systems.

Also Read  Zomato’s Massive Data Breach About 17 Million User Record Stolen and Revealed in Dark web

Information’s collected from magnetic stripe

EMV-capable card terminals,has been equipped in all the stores.Point of sale machine  accessed with secure chip-based credit and debit cards .

Once card has been inserted ,Malware copied the information from the magnetic stripe  which leads to hackers clone the card with the stolen information .

According to Buckle, There is no indication that other guest information was collected and no indication that any information submitted through Buckle.com was affected.

After Finding the Malicious Code and external IP addresses, It has been removed from the Buckle, Inc Network and potentially compromised systems were isolated, and malware-related files residing on Buckle’s systems were eradicated ,Buckle said.

Buckle Advised to their Customer that if there is any unauthorized activities found in their Bank account, individuals closely monitor their payment card account statements, then Contact the bank immediately and make sure that they are safe.

Also Read  VISA Card under “Distributed guessing attack” just 6 seconds to verify Visa card details

Website

Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles