US retailer Kmart has admitted some customer payment cards have been compromised after it discovered that point of sale systems had been breached.
While investigations are ongoing, initial indications are that the infections had started early last month. In a statement, Kmart president and chief member officer Alasdair James said that the retailer is working closely with federal law enforcement authorities, its banking partners and security experts in an ongoing investigation.
He said that the IT team detected the breach last Thursday and found that the payment data systems at Kmart stores were purposely infected with a new form of malware which resulted in debit and credit card numbers being compromised.
“Based on the forensic investigation to date, no personal information, no debit card PIN numbers, no email addresses and no social security numbers were obtained by those criminally responsible,” he said.
“There is also no evidence that Kmart customers were impacted. This data breach has been contained and the malware has been removed. I sincerely apologise for any inconvenience this may cause our members and customers.”
Adam Kujawa, head of Malware Intelligence at Malwarebytes Labs, said: “Every large chain organisation should be doing everything they can to revamp their security procedures on their financial systems and hopefully avoid attacks against their customers. Those who haven’t can feel with a good amount of certainty that they will be next and those who have beefed up security but have already been attacked we will most likely hear about in the coming weeks.”
Craig Young, security researcher at Tripwire, said: “Although Kmart is indicating PINs or general customer data have not been compromised in this attack, it does appear that track 2 data has been stolen. In laymen’s terms, this means that the hackers made off with just enough information to complete a transaction.
“This data can be used to print a fake card and purchase high-priced items. Merchandise from these purchases is resold in a number of ways including underground markets which rely on the TOR network for anonymity.”