Earlier this year, this blog covered the malware attack on Schnuck Markets Inc., a chain of grocery stores. It is believed that 79 of the 100 stores were affected and an estimated 2.4 million debit and credit cards were likely compromised in the incident, when the point of sale system was hacked in December. This caused the company to experience a loss of revenue, bruised reputation and CEO Scott Schnuck issued several apologies to his customers.
If reports this week are to be believed, a new wrinkle to the situation is starting to emerge. According to a report from Bank Info Security, the attack on Schnuck Markets Inc. is being linked to attacks that targeted several other retailers in the Kentucky and Southern Indiana. Who those companies are has not been released because it is unclear if the attacks have been made public yet.
A cited federal investigator said the Secret Service was able to track the attacks to a group of overseas hackers. With the cooperation of international law enforcement, there is a chance the case could be closed soon.
Craig Hutzell, a spokesman for the Kentucky Electronic Crimes Task Force, explained in more detail how these incidents were linked together. He said they used the same modus operandi. For starters, it was the same malware in all of these incidents. On top of that, the model of entry and overseas IP address make the idea of a single hacker or group a reality.
In all of the incidents, card information was stolen and sold in a forum. Within 72 hours of the breaches, compromised data was being used to make fraudulent purchases.
How do businesses protect themselves?
With one hacking group causing such chaos in a concentrated area, it shows how important it is for retailers and any other organization that handles credit card processing to take steps to secure the process from every angle.
John Buzzard, an executive at FICO's Card Alert Service, told the news source that banks and credit unions need to work together with the card association and the fraud departments for Visa and MasterCard, Discover and American Express.
"Some banks and credit unions may not want to take the time to do that," Buzzard said. "But this diverse reporting and link analysis really is important. It helps investigators connect the dots. Without a doubt, that information from banking institutions helped investigators in this case realize that all of these were connected."
He went on to talk more specifically about malware attacks and their growing popularity in criminal circles. The main reason, according to Buzzard, is the challenge that goes along with trying to trace the source of the attack.
"It's been a long line of succession this year, and a predominant amount of the attacks have been [at] grocery stores," he says. "But one thing banks and credit unions need to be aware of is when we start to have inconclusive evidence, it may be challenging to find a common point of compromise. Sometimes it's a processor breach, which may not lead them to a specific retailer."
Merchants of any size need to focus on having secure credit card processing software as the first line of defense against a security breach.