View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Verifone begins network breach investigation

Brian Krebs: “On Jan. 23, 2017, Verifone sent an “urgent” email to all company staff and contractors".

By Tom Ball

Verifone is carrying out an investigation following a network breach that may have impacted multiple firms carrying its devices. Brian Krebs, an American investigative reporter who focuses on cyber criminals has made a detailed analysis of the situation.

Krebs highlights the reaction to the possible breach and says in the post: “On Jan. 23, 2017, Verifone sent an “urgent” email to all company staff and contractors, warning they had 24 hours to change all company passwords.”

As reported by Krebs, Verifone spokesman Andy Payment said: “In January 2017, Verifone’s information security team saw evidence of a limited cyber intrusion into our corporate network.”

“Our payment services network was not impacted. We immediately began work to determine the type of information targeted and executed appropriate measures in response. We believe today that due to our immediate response, the potential for misuse of information is limited.”

Referring to information supplied to Krebs via a source, he said: “the intrusion impacted at least one corner of Verifone’s business: A customer support unit based in Clearwater, Fla. that provides comprehensive payment solutions specifically to gas and petrol stations throughout the United States — including, pay-at-the-pump credit card processing; physical cash registers inside the fuel station store; customer loyalty programs; and remote technical support.”

Read more: Hackers still ahead despite advances in cyber security, says Accenture

Verifone is well established, having been founded in 1981, and it is now present in over 150 countries. The wide span of this technology provided by Verifone makes the breach concerning, as people across the entire United States are utilising the systems daily, this can then be combined with the question of how long the breach went unnoticed.

According to Krebs, his source said that, “Visa and MasterCard were notified that the intruders appeared to have been inside of Verifone’s network since mid-2016.” Additionally, Krebs reports that his source said: “there is ample evidence the attackers used some of the same tool sets and infrastructure as the cybercrime gang that last year is thought to have hacked into Oracle’s MICROS division.”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.