The Rippleshot Data Breach Blog

Data Breach Ripples: Week of January 23

Written by Zach Walker | Jan 26, 2015 4:02:00 PM

In this week's issue: a data breach has occured affecting an online pet supplies store, the U.S. Supreme Court rejects a merchant-backed petition on debit card transaction fees, four Wingstop locations were found to have malware installed on POS systems, and in the latest Rippleshot blog post, we recap Tripwire Inc.'s Retail Cyberthreat Summit webcast featuring Rippleshot Chief Scientist & Co-Founder, Randal Cox.

ICYMI: Payment Cards Targeted in Attack on Pet Supplies Website

Last week, pet supplies website ValuePetSupplies.com, a Tennessee-based company announced that several thousand of their customers' payment cards were targeted in a cyber attack. According to ValuePetSupplies.com, unauthorized persons accessed the retailer’s servers and installed malicious files to capture the personal and payment information of its customers.

The data breach appears to have occurred from November 25, 2014 to December 29, 2014 according to a sample data breach notification letter issued by ValuePetSupplies.

Supreme Court Rejects Petition, Dealing Merchants Defeat on Debit Cards

On Tuesday, the U.S. Supreme Court was presented with a petition by the National Association for Convenience Stores (NACS), regarding the rules set in place for debit card transactions and the fees associated with them. The U.S. Supreme Court declined to hear the case, solidifying a previous ruling in March of 2014, capping the fee.

Malware Found on POS Systems at Four Wingstop Locations

Malware was recently found on POS systems at four Wingstop locations in California and Texas. At this time, Wingstop is in the process of notifying an undisclosed number of its customers at three Texas locations and one location in California. On January 21, Wingstop announced on their website that a data security incident had occurred. Because Wingstop franchisees operate POS systems that are independent of each other, there is no reason to believe at this time that the data breach is a chain or nationwide issue.

Rippleshot Content: Retail Cyberthreat Summit Recap Hosted by Tripwire Inc.

In the latest Rippleshot blog post, we take a look at Tripwire Inc.'s Retail Cyberthreat Summit webcast. Where several experts who deal with retail security, including Rippleshot's Chief Scientist Randal Cox, at different phases of the retail breach lifecycle will provide insight and guidance on what retailers can do to fight back.

Thanks for reading this week’s newsletter. If you missed the last Data Breach Ripples email or want to share these with friends or colleagues, click HERE