Russian hackers behind Verifone breach, sources say


Verifone, the largest payment processing company in the US, has been investigating a Jan. 23 network breach that may have affected some companies using its POS solutions, wrote security researcher Brian Krebs.

The “IT control issue” was confirmed in a memo urging employees and contractors to change company passwords within 24 hours. Verifone also informed partners Visa and Mastercard and immediately reached out to a forensics company to carry out the investigation.

Verifone spokesperson Andy Payment called the incident “a limited cyber intrusion into our corporate network” and claimed that “our payment services network was not impacted.” The company makes credit card terminals, runs its services in 150 countries and employs 5,000 people.

However, according to Krebs’ source, the incidents seems to have, after all, affected a unit based in Florida that offered POS solutions to gas and petrol stations; 24 gas stations were affected by the attack. The source blames a Russian organized criminal gang that focuses on payment providers, and says the network has been compromised from mid-2016.

Verifone did not say how the attack was carried out or what type of information was exposed, but it is a possibility for them to have been after software code, besides financial and credit card data.

“According to the forensic information to-date, the cyber attempt was limited to controllers at approximately two dozen gas stations, and occurred over a short time frame,” Verifone later commented. “We believe that no other merchants were targeted and the integrity of our networks and merchants’ payment terminals remain secure and fully operational.”

In the past, other companies such as Target, Home Depot, KFC, certain fashion brands and hotel chains dealt with similar attacks and large-scale breaches.

Source: Luana Pascu