Verifone network compromised by Russian hacking group

1754 Views
Email this to someoneShare on FacebookShare on Google+Share on LinkedInShare on StumbleUponTweet about this on Twitter

Verifone is reportedly investigating a breach of its internal computer networks that appears to have impacted a number of companies running its POS solutions, according to sources.

Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not impacted – according to Krebs online.

On Jan. 23, 2017, Verifone sent an “urgent” email to all company staff and contractors, warning they had 24 hours to change all company passwords.

“We are currently investigating an IT control matter in the Verifone environment,” reads an email memo penned by Steve Horan, Verifone’s senior vice president and chief information officer. “As a precaution, we are taking immediate steps to improve our controls.”

An internal memo sent by Verifone's chief information officer to all staff and contractors, telling them to change their passwords. The memo also users would no longer be able to install software at will, apparently something everyone at the company could do prior to this notice.

An internal memo sent Jan. 23, 2017 by Verifone’s chief information officer to all staff and contractors, telling them to change their passwords. The memo also states that Verifone employees would no longer be able to install software at will, apparently something everyone at the company could do prior to this notice.

The internal Verifone memo — a copy of which was obtained by KrebsOnSecurity and is pictured above — also informed employees they would no longer be allowed to install software of any kind on company computers and laptops.

Asked about the breach reports, a Verifone spokesman said the company saw evidence in January 2017 of an intrusion in a “limited portion” of its internal network, but that the breach never impacted its payment services network.

“In January 2017, Verifone’s information security team saw evidence of a limited cyber intrusion into our corporate network,” Verifone spokesman Andy Payment said.

“Our payment services network was not impacted. We immediately began work to determine the type of information targeted and executed appropriate measures in response. We believe today that due to our immediate response, the potential for misuse of information is limited.”

According to my source, the intrusion impacted at least one corner of Verifone’s business: A customer support unit based in Clearwater, Florida. that provides comprehensive payment solutions specifically to gas and petrol stations throughout the US — including, pay-at-the-pump credit card processing; physical cash registers inside the fuel station store; customer loyalty programs; and remote technical support.

The source said his employer shared with the card brands evidence that a Russian hacking group known for targeting payment providers and hospitality firms had compromised at least a portion of Verifone’s internal network.

Email this to someoneShare on FacebookShare on Google+Share on LinkedInShare on StumbleUponTweet about this on Twitter

About Author

Leave A Reply