• Security breach impacted store locations in Pennsylvania and West Virginia.
  • Attackers gained access to its stores’ network system and infected payment systems specifically designed to steal card data.

Hackers recently targeted US store chain Rutter’s in a security breach attempt stealing credit card information of several customers from around 71 locations.

What happened?

Rutter’s, the U.S. convenience store and gas station chain, disclosed breach incident where its systems were infected with a point-of-sale (POS) malware.

  • Attackers gained access to its stores’ network system and infected payment systems specifically designed to steal card data.
  • The attackers likely stole payment card data from cards used on POS devices from convenience stores and fuel pumps.

Ongoing investigation

Rutter’s got a tip from a third party claiming there may have been unauthorized access to data from payment cards. The company started an internal investigation and had the malware removed from its payment systems.

The chain then notified the law enforcement and also hired a cybersecurity firm to investigate thoroughly.

What got leaked?

As per media reports, the malware was present from October 1, 2018 till May 29, 2019.

  • Hackers could steal card numbers, expiration dates, and internal verification codes from customers’ credit cards.
  • In some cases, the malware also captured the cardholder names.
  • But, it didn’t copy payment data from all of the cards used at the affected locations.

“The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date, and internal verification code) read from a payment card as it was being routed through the payment processing systems,” read the notice issued by the company.

What wasn’t impacted?

The chain operates at more than 75 locations throughout Pennsylvania, Maryland, and West Virginia.

  • The company stated that cards used at car washes, ATMs, and lottery machines at various Rutter’s stores were not infected with the malware.
  • It also confirmed that the PoC malware was removed from infected systems and that it is implementing enhanced security measures to prevent similar future attacks.

What users can do now?

Experts suggested a few important tips for all potentially affected customers.

  • Customers should consider reviewing their payment card statements for any unauthorized activity.
  • In case they found one, it should be immediately reported to their card issuer to prevent further misuse.
  • Rutter’s customers can also proceed with an official complaint with the Federal Trade Commission and a police report as it will be a case of fraud or identity theft.

Meanwhile, Rutter’s has also set up a dedicated help line at 888-271-9728 for additional questions of customers.

Cyware Publisher