Malware on Buckle's PoS systems found




The Buckle fashion retailer, that manages more than 450 stores across the United States, informs its customers that a malware has been detected on some of its payment systems.

According to the company, the malware was present in the PoS systems of some of the stores between October 28, 2016, and April 14, 2017.

The company hired external cybersecurity experts to investigate the incident and secure its network.

The discovered malware has the ability to steal data from a card’s magnetic stripe, including cardholder name, account number, and expiration date.

The Buckle believes the malicious software has failed to steal data from all transactions via infected PoS systems.

The company reported that all of its stores support EMV (chip card) technology, making it difficult to clone cards using stolen data. Nevertheless, hackers may abuse the compromised card data for various frauds.

The Buckle says there is no evidence that hackers have stolen the customers` social security numbers, e-mail addresses, and physical addresses, as there is no indication that its online store is affected.

“As part of Buckle’s response, connections between Buckle’s network and potentially malicious external IP addresses were blocked, potentially compromised systems were isolated, and malware-related files residing on Buckle’s systems were eradicated. Additionally, Buckle reported a potential incident to the payment card brands and is cooperating with them regarding this incident,” the company said in a statement.

The company, however, has not provided a list of shops affected by the hacker attack.

The news of the attack on Buckle's systems comes just two weeks after the Kmart's payment system, which operates more than 700 stores, was compromised.

Would you like to comment on this article?


Latest news


Industrial cobots can be hacked

IOActive`s cybersecurity specialists have discovered how a remote hacker can hack industrial collaborative robots.


2 infected apps are available for download via the Google Play Store

Cybersecurity experts have discovered two malware-infected apps on the official Google Play Store that are still available for download.


Cybersecurity company warns of new cyber-attacks against Ukraine

Ukraine could be a target of a NotPetya-style attack aimed at destabilizing the country just as it celebrates its 1991 independence from the Soviet Union.

Sign up for our online newsletter!