Data Breach

Retail giant Costco discloses data breach, payment card data exposed

Costco Wholesale Corporation discloses a data breach, threat actors had access to customers’ payment card information.

Retail giant Costco Wholesale Corporation notified its customers of a data breach that might have exposed their payment card information. Data was allegedly exposed while customers were shopping at one of its stores.

Costco discovered the security breach after its staff spotted a card skimming device in one of its warehouses as part of a routine check. The company is investigating the incident with the help of law enforcement and notified the authorities.

The retail giant has 737 membership-only retail stores across the U.S., it is the fifth-largest retailer in the world and the 10th-largest corporation in the country by total revenue. The company also operates eCommerce websites for shoppers in North and South America, Europe and Asia.

“We recently discovered a payment card skimming device at a Costco warehouse you recently visited,” reads the notification letter sent to potentially impacted customers. “Our member records indicate that you swiped your payment card to make a purchase at the affected terminal during the time the device may have been operating.”

Costco revealed that threat actors might have obtained customers’ payment information through the skimmer.

Bleeping Computer reported that some customers claim that the security breach could have taken place in February.

“If unauthorized parties were able to remove information from the device before it was discovered, they may have acquired the magnetic stripe of your payment card, including your name, card number, card expiration date, and CVV,” Costco added.

The company recommends customers monitor their bank accounts and credit card statements for fraudulent activities.

At this time, it is not clear the extent of the security breach, the company did not reveal the number of potentially affected individuals either the warehouse where the skimmer device was discovered.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, skimmer)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access…

7 hours ago

U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog<gwmw style="display:none;"></gwmw>

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Tomcat flaw to its Known Exploited…

15 hours ago

Apple backported fixes for three actively exploited flaws to older devices

Apple backports three critical vulnerabilities actively exploited in attacks against older iOS and macOS models.…

20 hours ago

Spike in Palo Alto Networks scanner activity suggests imminent cyber threats

Hackers are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted…

21 hours ago

Microsoft warns of critical flaw in Canon printer drivers

Microsoft’s offensive security team discovered a critical code execution vulnerability impacting Canon printer drivers.  Researchers…

1 day ago

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Attackers exploit CrushFTP CVE-2025-2825 flaw, enabling unauthenticated access to unpatched devices using public proof-of-concept code.…

2 days ago