Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Natural Grocers Investigates Data Breach

Natural Grocers is investigating a breach impacting customer payment card data.

Natural Grocers is investigating a breach impacting customer payment card data.

The incident has been contained, and the company said law enforcement is investigating the matter. So far, Natural Grocers has not received any reports of fraudulent use of customer information, and there is no evidence any PIN numbers or card verification codes were accessed. In addition, the company said no personally-identifiable information such as names, addresses or social security numbers was compromised as the company does not collect that type of information as part of its payment processing system.

“While its investigation is ongoing, Natural Grocers has accelerated pre-existing plans to upgrade the point-of-sale system in all of its store locations with a new PCI-compliant system that includes point-to-point encryption and new pin pads that accept “chip and PIN” cards,” the company said in a statement. “These upgrades provide multiple layers of protection for cardholder data. The company is in the process of installing this new system at all 93 Natural Grocers stores in 15 states.”

According to security blogger Brian Krebs, the attackers broke into Natural Grocers just before Christmas by attacking vulnerable database servers. From there, they were reportedly able to pivot around the network and infect the PoS systems.

“The movement of the attackers laterally within the internal network underscores a reality of modern networks: attacks are automated, patient, multi-step, and multi-phase,” said Steve Hultquist, chief evangelist at RedSeal. “Attackers probe for weaknesses, then use each weakness to dig further into the network, uncovering more weaknesses and further value each step.”

The news adds another name to the growing list of companies impacted by attacks on point-of-sale (PoS) systems. According to Trend Micro, the United States accounted for 30 percent of PoS malware infections in the third quarter of 2014. The trend of infections may have a lot to do with the growth of ready-to-use point-of-sale malware kits, which security firm Crowdstrike noted has been on the upswing. The prices for these kits vary, with the more sophisticated ones going for hundreds or potentially thousands of dollars. The less complex kits however can sell for just tens of dollars.

“Malware such as BlackPoS requires a bit of strategic planning on the part of the adversary; much of the system lacks the point-and-click intuitive nature of commodity botnets,” Crowdstrike noted in its recent Global Threat Intel Report. “For less-organized or less-skilled adversary groups, an off-the-shelf kit such as Dexter PoS may allow for exploitation and offensive capabilities that may not otherwise be possible.”

“The large majority of company transactions are processed through everyday applications…and hackers know that their actions are often hidden in the large volume of data generated through normal user activities— making it an ideal hacking target,” said Matt Zanderigo, product marketing manager at ObserveIT. “By knowing that their activities won’t raise alarms, the end result is that these companies only find out a breach has occurred when bank investigators see large batches of card numbers go up for sale on the black market.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.