Arizona supermarket chain hit by sophisticated malware

Arizona-based supermarket chain Bashas has released a statement confirming that it has located a sophisticated piece of malware on company servers which compromised private customer payment information.

In a notice issued February 5 and entitled "To Our Valued Customers", the company explains that it was recently attacked by cybercriminals who had gained access to parts of their confidential systems.

The statement goes on to explain that while Bashas has consistently complied with the requirements of the Payment Card Industry Data Security Standard (PCI DSS), the malware in question is a type of software that "has never been seen before in the industry".

As a precautionary measure Bashas has encouraged customers to monitor their payment card transaction histories and to report any unusual activity as soon as it is detected.

"The malware has been identified and contained, and we are working with forensic specialists and federal law enforcement officials in their investigation to find those responsible," reads the notice.

"We’ve also installed additional security measures (beyond what is required by the industry) to our point of sale and enterprise systems to further protect our customers' information from such attacks in the future."

While it is impossible to completely eliminate the risk of ever being affected by a cybercrime attack, it is important for organisations which process debit or credit card information to ensure that they are doing everything in their power to mitigate this possibility.

For this reason PCI DSS compliance should be viewed as an absolute necessity, as opposed to a luxury measure, while penetration testing and security audit evaluations are also extremely important.

The Pinal County Sheriff’s Office has reportedly already received more than 400 reported cases of fraudulent credit and debit card transactions relating to the Bashas security breach as of February 6.

Former Phoenix mayor Phil Gordon is one of those who have already come forward claiming to have been impacted by the Bashas security breach, noting that fraudulent charges worth upwards of $1,300 were made on two of his credit cards.

"All Pinal County citizens who have reported the frauds have had their bank accounts reimbursed," stated sheriff Paul Babeu in a statement released February 6.

"Numerous investigators from various law enforcement agencies are working around the clock to find those responsible and put them behind bars."

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s