Security Experts:

Malware Infects Point-of-Sale System at Chicago Yacht Club

Chicago Yacht Club Completes Credit Card Breach Investigation

The Chicago Yacht Club has determined that a piece of malware was installed on one of its point-of-sale (PoS) servers between April 26 and June 21, the organization said on Sunday.

The breach was discovered after the club called in a security company to investigate a crash of its PoS service which took place on June 15. The security firm found the threat on June 21, and the affected server was taken offline.

The yacht club's representatives reported that customer names, addresses, and credit card or bank account numbers could have been accessed by the malware, although the security company hasn't been able to determine if the information was actually copied by the attacker.

The organization is confident that only customers who have paid with their cards between April 26, 2014 and June 21, 2014 are affected, but the number of potential victims has not been specified. Individuals whose information has been exposed have been offered identity protection services via AllClear ID for a period of 12 months, at no cost.

In a letter sent out to those possibly impacted by the breach, the Chicago Yacht Club has clarified that the targeted server contains the software hosting the club's membership database. The server used for payments made through the club's website is hosted by a third party and it has not been involved in the incident.  Furthermore, credit card and bank account numbers were encrypted, the letter said.

"We have no reason to believe that any information contained on the server has been used improperly or even accessed.  However, out of an abundance of caution, we began sending letters to potentially affected individuals on July 31, 2014.  We have also established a dedicated call center for individuals to contact with any questions," Commodore Gerald Bober wrote in a statement published on the club's website.

"If you used your card at the Chicago Yacht Club during the listed time and see a fraudulent charge on your card, please immediately contact the bank that issued your card.  Major credit card companies typically guarantee that cardholders will not be responsible for fraudulent charges.  Please review your account statements for any unauthorized activity regularly," Bober added.

Malware that targets PoS systems is increasingly problematic. Last month, the Department of Homeland Security released a report to warn organizations that cybercriminals are using remote desktop tools in an effort to install malware on PoS systems.

The data breach suffered by the retailer Target last year perfectly illustrates the impact of a cyberattack involving PoS malware. The company announced last week that it expects to record gross breach-related expenses of $148 million (partially offset by a $38 million insurance receivable) in the second quarter of 2014. 

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.