Card info of 1m Restaurant Depot customers stolen in breach

Customers of US foodservice wholesaler Restaurant Depot and "cash and carry" chain Jetro have begun receiving letters warning them about the possibility of their credit card details having been stolen by cyber criminals.

"Computer forensic investigators we hired to investigate the incident currently believe that unauthorized persons obtained the names of cardholders, credit or debit card numbers, card expiration dates, and verification codes that were on the magnetic stripes of credit and debit cards used at our stores from September 21 through November 18, 2001," says in the notice.

The company says that it has hired Trustwave to mount an investigation on November 10, after having received information that some of its customers were subjected to credit card fraud. Eight days later, Trustwave investigators determined how the breach happened and moved to block further disclosures.

According to Finextra, Trustwave's forensic experts discovered that the theft of the information in question was executed with the use of malware installed onto the credit and debit card processing systems used by the company. The malware would temporarily store the information and ultimately send it to a server located in Russia.

Posted in: Debit Card Fraud Credit Card Fraud Deposit Account Fraud