Massive fast food payments security breach in SA

The point of sales (PoS) system of a number of popular fast food outlets in South Africa were infected with malware earlier this year, which enabled cyber criminals to steal credit and debit card information from customers.
Techcentral reported on Tuesday (15 October) that a variant of malware called Dexter, which infected the point of sales devices, “cost local banks tens of millions of rand”.
The report said that the breach was described “as one of the worst breaches of customer card data in the country’s history”.
Payments Association of South Africa (Pasa) CEO, Walter Volker, told MyBroadband that the security breach took place at a number of fast food outlets around South Africa.
Volker declined to name the affected chains, but confirmed that it included big names in the industry.
He said that Pasa initially detected fraud based on this security breach early in 2013, and started to investigate the issue amid increasing volumes.
With the help of a forensic investigation company the affected outlets and the cause of the security breach was uncovered. The cause was that payment systems were infected with malware.
Volker said that they know exactly how the point of sales systems were infected, but is keeping the information private to assist with an ongoing police investigation.
It was also established that an international syndicate was behind the security breach which recorded credit card and debit card data.
This banking card data was used to either clone cards for international use in a physical environment, or sold to be used by other parties.
Volker said that Interpol, Europol and the South African police are involved in the investigation.
Pasa stressed that card holders who have been affected by this security breach have not lost money, noting that the banks absorbed the losses incurred through the breach.
Volker said that the payment systems of the fast food outlets affected by the security breach has been cleaned of any malware, while an investigation into other potential security breaches is ongoing.
When asked for comment, Absa said that this is an industry issue and is not isolated to Absa. It suggested that the Payments Association or BASA should be consulted for comment. FNB’s response mirrored that of Absa.
Nedbank and Standard Bank could not immediately comment on the issue.
The Dexter malware made headlines towards the end of 2012 when Seculert published details on its research into the software on its blog.
According to Seculert, Dexter is a custom-made malware that had been used for 2-3 months prior to its blog post and had infected hundreds of point-of-sale (POS) systems.
This article can be found on MyBroadband