DHS Says Target, UPS, Over 1000 Others Were Hacked By ‘Backoff’ Point of Sale Malware

Life certainly has become complicated ever since we stopped bartering goods and services with our neighbors in favor of using cash and credit. Think you're safe to go shopping with your debit card at a major retailer? You'd be mistaken -- according to an advisory put out by the Department of Homeland Security, over 1,000 American businesses have been infected by a cash register malware intended to steal your personal information.

The Point of Sale (PoS) malware is called "Backoff" and so far it's given remote attackers the ability to harvest data from millions of credit and debit cards from consumers without the companies knowing of its existence. At first, Backoff was thought to have only affected a few businesses, but it turns out the malware is much more widespread than that.

Credit Card Scanner
Image Source: Flickr (Mike Mozart)

Last last month, Homeland Security, the Secret Service, the National Cybersecurity and Communications Integration Center, and various partners in the security sector issued a warning to companies to check in-store cash register systems for the Backoff malware, which is named after a word that appears in its code. Prior to that point, Backoff went undetected by antivirus software, The New York Times reports.

Seven companies that sell and manage in-store cash registers have since confirmed that multiple clients have been affected. Only a few of the clients have come forward, including UPS and Supervalu, though the total list is over 1,000 long.

So, what can you do as a consumer? Unfortunately, not much. You can go back to bartering with your neighbor, start paying with cash, or wait this thing out and hope that PoS systems become more secure in the immediate future. In the meantime, keep a close eye on your bank and credit card statements.

blog comments powered by Disqus