Outside of the television program Breaking Bad, car washes are almost never threatening or frightening things, and are certainly not the kind of places most consumers tend worry about when it comes to credit card fraud.
Which is exactly why it is the type of target that fraudsters like to hit, because after all, who worries about credit card fraud at a car wash?
Most of us don’t, but apparently we should according to internet security blogger Brian Krebs. Massachusetts police recently arrested a man with nine stolen credit cards, except none of the cards in his possession were themselves stolen—they were gift cards that had been re-encoded data from cards that were stolen from a variety of data breaches at merchants, one of which was a car wash in Connecticut.
This, however is not the story of one credit card breach in Connecticut, as further investigation determined that the local company was but one of at least 40 car washes across the country that had been hacked and relieved of countless customer credit and debit cards since at least February 2014.
“What the investigators we’ve worked with so far have been able to gather is that [the thieves] were exploiting not the pcAnywhere credentials, but a flaw in old versions of pcAnywhere,” said Micrologic President and CEO Miguel Gonzalez, reports Krebs.
Micrologic is further urging merchants to either patch or upgrade their systems to a multi-user authentication system to prevent further card breaches.
“What’s Hot” is aggregated content. PYMNTS.com claims no responsibility for the accuracy of the content published by the original source.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More