POS Vendor Reports Malware Attack

Harbortouch Provides Few Details on Breach Affecting Merchants

Point-of-sale systems provider Harbortouch Payments has confirmed that it recently identified and contained a malware-related breach that affected "a small percentage" of the merchants that it serves.

"The incident involved the installation of malware on certain point-of-sale systems," the Allentown, Pa.-based company said in a statement provided to Information Security Media Group. "The advanced malware was designed to avoid detection by the anti-virus program running on the POS system. Within hours of detecting the incident, Harbortouch identified and removed the malware from affected systems."

Harbortouch says it has hired the forensics investigation firm Mandiant to assist in its ongoing investigation. It did not reveal how much payment card information may have been exposed in the malware attack.

The company says the incident did not affect its own network, and claims it was not the result of any vulnerability in its POS software. "Harbortouch does not directly process or store cardholder data," it says.

"It's important to note that only a small percentage of our merchants were affected and over a relatively short period of time," the company states. "We are working with the appropriate parties to notify the card-issuing banks that were potentially impacted. Those banks can then conduct heightened monitoring of transactions to detect and prevent unauthorized charges. We are also coordinating our efforts with law enforcement to assist them in their investigation."

Harbortouch declined to provide further details.

A source at one card issuer, who asked to remain anonymous, tells ISMG that MasterCard and VISA sent fraud alerts to issuers this week "that were pretty sizable," but the alerts did not disclose the party involved. The date range was March 10 to April 14, 2015, according to the source.

POS malware attacks have stolen card data from retailers large and small, ranging from Target, Michaels and Staples to smaller mom-and-pop shops.

Security researchers at Cisco recently issued a warning about a new breed of point-of-sale malware dubbed Poseidon after the Greek god. They say it's the latest attack code designed to steal credit card numbers immediately after payment cards get swiped through POS terminals (see: Why POS Malware Still Works).

About the Author

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity

Marianne Kolbasuk McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site, and played a lead role in the launch of InformationWeek's healthcare IT media site.