(update) Virus that hit Mary’s Pizza “so new it was not even in virus database”
David Bolling provides more information on a breach reported here previously:
The Plaza location of Mary’s Pizza Shack has been identified as the target of Internet hackers who penetrated the restaurant’s computer system with a “logger” virus that captured credit card numbers at the transaction terminal.
The presence of a virus was discovered by a corporate official on Feb. 10 after the family-run company received reports from friends about unauthorized credit card charges. CEO Vince Albano, grandson of Mary’s founder Mary Fazio, said the company immediately contacted the four affected credit card companies – VISA, MasterCard, Discover and American Express, and then hired Trustwave, a Chicago-based data security firm recommended by the card companies.
Only credit card numbers were taken by the virus, Albano emphasized, no personal identification information, such as Social Security numbers or bank account records were exposed, although VISA and MasterCard debit accounts were apparently raided. Trustwave identified and removed the virus doing the damage on Feb. 23.
Albano said he was told by Trustwave officials that the virus was so new it was not even in the company’s virus database.[…]
Sonoma police, who have followed the case from the beginning, reported that Mary’s was not the only hacked card terminal in the Valley but they have not yet identified other company victims.
Albano told the Index-Tribune that Sheriff’s Office investigators reported there were at least 70 cases of stolen credit card number use reported, some 50 of which were traced to Mary’s.