Verifone confirms corporate network was hacked

By

US stores hit.

Global payments processor Verifone has confirmed its corporate network was hacked by unknown attackers targeting the company's merchants.

Verifone confirms corporate network was hacked

Verifone spokesperson Andy Payment told iTnews the "cyber incident" took place around two months ago, and affected two dozen American service station convenience stores.

The attack was revealed by infosec journalist Brian Krebs, whose report claimed Russian criminals were attempting to gain access to merchant point of sale terminals.

The incident occurred over an unspecified but short period, Payment said. Verifone identified evidence of a cyber intrusion into the company's corporate network in January this year.

"No other merchants were targeted and the integrity of our payment networks and Verifone’s payment terminals remained secure and fully operational," he said.

Verifone has notified Visa, Mastercard, and other credit card and payments card companies of the attack.

Payment said there was no evidence of adverse events, or abuses of data, stemming from the incident. 

The payments processor has now implemented additional security controls across its corporate networks, and has started work to determine "the type of information that may have been targeted", Payment said.

Krebs obtained and posted an email dated 23 January from Verifone chief information officer Steve Horan that asked staffers to change their login passwords within 24 hours.

Horan also removed Verifone staffers' ability to install additional software of their choice on company laptops and desktops. Those who need non-sanctioned applications will have to go through Verifone's IT service desk in the future, Horan said.

Verifone operates in 150 countries worldwide, including Australia, and has 5300 employees.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

Log In

  |  Forgot your password?