Several Safeway stores in California and Colorado recently leaked customer credit card information.
According to Krebs on Security, sources at multiple financial institutions confirmed that they are tracking patterns of fraud back to the grocery chain. What's interesting about this case is that, rather than malware, thieves used skimmers to installed on credit card readers to steal customer information.
Skimmers are pieces of hardware installed on credit card readers that take the information off magnetic strip cards but still allow the transaction to go through. The most common occurrences of skimmers are at ATMs or gas stations, but there are examples of skimmers being implemented inside of stores as well. Some of these stores include Michaels in 2011 and Barnes & Noble in 2012.
Because of the complexity involved in installing skimmers inside of point of sale hardware, these situations most likely involve an inside source. As as criminals need to retrieve the skimmers in order to get the information off of them, the fact that, with the Safeways incident, many fraudulent activity on cards occurred shortly after the initial purpose seems to support the theory of a connection to a Safeway employee.
The detail in the transactions allowed the financial institutions to identify specific checkout lanes that were impacted. A later report from the Denver Post narrowed down the skimmers in Colorado to just the self checkout lanes at three locations in the state.
Situations like these showcase the importance of a robust disaster recovery plans. To find help develop a plan for your business, consider seeking the advise of a disaster recovery planning consultant.