Sep 192018

Zack Whittaker reports:

Newegg is clearing up its website after a month-long data breach.

Hackers injected 15 lines of card skimming code on the online retailer’s payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. The code siphoned off credit card data from unsuspecting customers to a server controlled by the hackers with a similar domain name — likely to avoid detection. The server even used an HTTPS certificate to blend in.

Read more on TechCrunch.

Sep 182018

Charlie Osborne reports:

Customers of ABS-CBN may be facing the possibility of the theft of their financial data due to a payment skimmer which has been discovered in the major Filipino broadcaster’s online store.

According to Dutch security researcher Willem “gwillem” de Groot, the payment skimmer has been active since August this year.

ABS-CBN is a media conglomerate based in Quezon City, Philippines. The entertainment company operates the largest TV and cable provider in the country, alongside a variety of television channels and music production outfits.

Read more on ZDNet.

Feb 182018

Notice of Data Breach

On January 19, 2018, HomeTown Bank, N.A. (“HomeTown”) discovered that a skimming/shimming device had been placed on an ATM at the bank’s branch located at 4424 Seawall Blvd, Galveston, TX 77551. Upon learning of the incident, HomeTown promptly launched an investigation and notified law enforcement. HomeTown believes that this incident affected only those individuals who conducted card transactions at the subject ATM 2:00 pm on January 18, 2018 and 2:00 pm on January 19, 2018.

The device may have acquired the following of the affected individuals’ personal information that was stored on the cards used in connection with such transactions during the relevant time period: individuals’ names, card numbers, card expiration dates and personal identification numbers (PINs). HomeTown’s core banking systems were not compromised or impacted as a result of this incident.

Safeguarding the personal information of our members remains of the utmost importance to HomeTown, and the bank has already begun taking measures to help prevent this type of incident from occurring in the future.

Individuals who believe that they may have been impacted by this incident and have questions regarding this incident may contact us at 409-763-1271 ext. 3060 Monday thru Thursday from 8:30 AM to 5:00 PM CST, Friday from 8:30 AM. – 6:00 PM CST and Saturday from 9:00 AM to 12:00 PM CST .

Source: February 17, 2017.  Galveston County The Daily News.

Dec 042017

It’s hard to tell, but it sounds like skimmers were involved in this one? Dunya News reports:

Cyber hackers have stolen at least Rs 10million in a development that was reported Monday from some 600 bank accounts of multiple banks.

One of the victims of the hack, Habib Bank has informed State Bank of Pakistan (SBP) and Federal Investigation Agency (FIA) that has a dedicated cell for cyber crimes.

Read more on Dunya News.

Oct 192017

Chris Mosby reports on an indictment in a 5-state scheme:

In a massive, 26-count indictment 12 people were charged for their role in a massive credit card skimmers fraud. The group placed skimmers on gas pumps in at least five states, including many locations throughout Northeast Ohio.

“This group stole credit card information from thousands of people all over Northeast Ohio just looking to fill up their gas tanks and continue on their way,” U.S. Attorney Justin E. Herdman said. “Instead, these victims had their personal information taken and used to make fraudulent credit cards, which this group in turn used to steal merchandise.”

Read more on Patch.