Card Skimmers Found Inside Payment Terminals In California And Colorado Safeway Stores

http://ift.tt/1IUqJrd

Regular Consumerist readers are probably now used to checking gas pumps, public transit vending machines, and ATMs for visible and obvious skimming devices. However, banks have discovered and Safeway has confirmed that credit card terminals in some of their stores in California and Colorado were compromised with hardware skimmers: devices embedded right in the card-processing machines that harvested their card data and PINs.

Krebs on Security learned about this issue in the usual way: from banks whose customers were affected. In this case, the banks worked to find a link between customers whose checking accounts were drained. They hadn’t just shopped at Safeway stores in the same area: they had used the same few checkout aisles in those Safeway stores.

To pull off this kind of physical credit card breach, the perpetrators would have needed physical access to the credit card processing terminals to add the tiny pieces of equipment needed to harvest customer card numbers and PINs.

Here’s what shoppers need to know: possible affected stores were in Denver and some surrounding towns, and potentially Castro Valley and Menlo Park, California. Banks told Krebs that transactions at Safeway before customers’ accounts were drained date back to the beginning of September of this year.

Skimmers Found at Some Calif., Colo. Safeways [Krebs on Security]

by Laura Northrup via Consumerist