FBI Investigates Another Retail Breach

Malware Strikes MAPCO Convenience Stores in 7 States
FBI Investigates Another Retail Breach

The FBI is investigating a payment card breach affecting customers of the MAPCO Express convenience store chain. The breach involved hackers remotely installing malware on card-processing systems, MAPCO reports.

See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial Institutions

The Federal Bureau of Investigation's Joint Cyber Crime Task Force is investigating the attack, which may have exposed card data associated with transactions conducted March 19-25, March 14-15 and April 20-21, according to an FAQ set up on the company's website.

"Upon discovering the issue, MAPCO took immediate steps to investigate the incident and further strengthened the security of its payment card processing systems to block future information security attacks," the company explains in a release.

MAPCO also says it's working with a computer forensics investigation firm and national card brands to determine the extent of the breach.

No Card Data Stored

The company stresses in its FAQ that it was not storing payment card information. "The payment card processing systems in our stores transmit credit and debit card information needed to process card transactions initiated by our customers. The information is not stored by MAPCO and is only held in these systems for minutes. We believe the hackers were able to access this card data when the malware was active on the systems. This malware has been disabled."

The convenience store chain also tells its customers: "The hackers may have obtained sufficient information to initiate fraudulent transactions on your account, using your name and card number. Even if you used a credit or debit card to make a payment at one of our stores during the relevant time periods, we cannot confirm whether or not your information was actually compromised."

The company declined to comment about the incident. It's not revealing the number of customers that were potentially affected.

Affected stores include MAPCO Express, MAPCO Mart, East Coast, Discount Food Mart, Fast Food and Fuel, Delta Express and Favorite Market located in Tennessee, Alabama, Arkansas, Georgia, Kentucky, Mississippi and Virginia.

Other Retail Breaches

The MAPCO incident is the most recent example of retailers being targeted by attackers using malware.

For example, in April, a malware attack targeting certain Kentucky and southern Indiana merchants was revealed. The attack, which was traced back to a vulnerability in software used to remotely access POS devices and systems, likely began sometime in mid-February (see: Retail Breach Contained; Fraud Ongoing).

On March 30, Schnucks Markets Inc. confirmed its point-of-sale network had been attacked by "malicious computer code" designed to capture payment card details. A class action lawsuit has been filed against Schnucks, a St. Louis-based grocery store chain (see: Schnucks Sued over Malware Attack).

In February, Bashas' Family of Stores confirmed a breach of its corporate network, which connects 130 locations operating under the Bashas' supermarkets, AJ's and Food City brands. The retailer said it had discovered never-seen-before malware on its network, which allowed attackers to gain access to internal systems and capture sensitive payment information.

And in January, the Zaxby's restaurant chain notified federal authorities of a computer system and point-of-sale breach that had affected 108 locations in Florida, Kentucky, Georgia, South Carolina, Alabama, Mississippi, Tennessee, North Carolina, Virginia and Arkansas. While the source of the breach was not disclosed, Zaxby's Franchising Inc. noted that malware and other suspicious files had been found on compromised computer systems at certain locations.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.