POS systems impacted by ‘Backoff’ breach
August 26, 2014
New York--The U.S. Department of Homeland Security has put the word out that thousands of large as well as small- and mid-sized businesses have been affected by a malicious point-of-sale software dubbed “Backoff.”
The agency is encouraging administrators and operators of POS systems to review the Backoff malware alert to determine if their systems have been affected. They said organizations should check for infections, regardless of their size.
Seven POS systems providers and vendors have confirmed security breaches with multiple clients affected and reporting continues on additional compromised locations.
Homeland Security said the Secret Service estimates that more than 1,000 U.S. business have been affected, with additional reports coming in from private-sector entities.
The DHS strongly recommends that organizations contact their IT team, antivirus vendor, managed service provider and/or POS system vendor to assess whether assets might be vulnerable and/or compromised.
Companies that believe they are victim of the Backoff malware should contact their local Secret Service field office and also can contact the National Cybersecurity and Communications Integration Center for additional information at 888-282-0870.
This malware infiltration comes less than a year after Target Corp. told the public that there was unauthorized access to the credit and debit card data of millions of shoppers who made purchases in its stores during the holiday season.
Target’s announcement affected an estimated 40 million consumers. The Wall Street Journal reported at the time that the theft may have involved tampering with the machines shoppers use to swipe their cards when making a purchase.