Subway Hackers Steal 500k Credit Cards From Point-of-Sale Systems

Officials reveal the same hackers who hit the subway chain last year have stolen 500,000 credit card numbers from machines in Australia.

A ring of hackers that hit 150 Subway  restaurants in the US last year have been able to steal over a half  a million credit cards from point of sale systems in Australia.

At this point details about the attack in Australia are being kept under wraps by officials most likely to prevent copycat hackers  from attacking the systems.

According to reports the systems were attacked using keyloggers on IT networks on which default password were never change and store data in an unencrypted format.

Wired reports:

500K Credit Cards Stolen in Australian Point-of-Sale Hack

Police in Australia are investigating a breach of half a million credit card numbers that reports say was conducted by the same gang that struck the Subway restaurant chain in the United States.

The intrusion occurred at an unidentified merchant in Australia and is being blamed on Eastern European hackers who installed keystroke-logging software on point-of-sale terminals (POS) and siphoned card data from the terminals remotely, according to SC Magazine.

[...]The hackers are believed to be members of the same Romanian group that was responsible for hacking 150 Subway sandwich shops and other unnamed retailers in the U.S.

[...]

Few details have been released about the hack in Australia, but in the Subway case, the hackers compromised the credit-card data of more than 80,000 customers and used the data to make millions of dollars of unauthorized purchases, according to authorities.

From 2008 until May 2011, they allegedly breached more than 200 POS systems in order to install a keystroke logger and other sniffing software that would steal customer credit, debit and gift-card numbers. They also placed backdoors on the systems to provide ongoing access.

POS systems generally consist of a card scanner at a checkout register where customers scan their cards and type in a PIN or provide a signature, as well as a computer system for transferring the data to a card processor for verification and approval.

The indictment didn’t identify the POS system used by Subway, nor does the news from Australia indicate the brand of terminal attacked in that breach, but Subway announced in January 2009 that it was deploying the Torex Quick Service POS in all of its 30,000 restaurants.

The Subway case shared similarities to what occurred to seven U.S. restaurants that sued the maker of a POS in 2009 for failing to secure the product from a Romanian hacker who breached their systems.

Source:Wired

Stay up to date with the latest news:

Twitter: https://twitter.com/#!/kr3at
Facebook: http://facebook.com/alexhiggins732
Live TV And Videos: Higgins TV
Website: The Alexander Higgins Blog
Headlines: Real-time News Headlines

Source: Subway Hackers Steal 500k Credit Cards From Point-of-Sale Systems ©
Copying or redistribution of this material requires that this license must remain intact with attribution to the content source.

Related Posts

• Cyber Insecurity Feds’ Latest Excuse To Access Your Private Data
• 10 Ways Attacking Iran Could Destroy The United States
• NSA Hides Google Ties As DARPA Director Takes Google Job
• CNN: Hackers seized control of NASA computers
• Deleveraging Needed In Next 4 Years: $28 Trillion
• Social Networks Develop Deep Packet Inspection Backdoors For Govt Spying
• ACLU Debunked On Trapwire: Inside Big Brother’s Pre-Crime Surveillance Software
• Another Cyber False-Flag to Lock down the Internet