Malware-based attack targets America’s Thrift Stores

America’s Thrift Stores announced on Friday that payment information of a part of its customers might have been stolen by hackers which used a PoS malware.

America’s Thrift Stores has announced in an official statement that it has suffered a malware-based attack that caused a data breach. According to the company, the threat actors are from Eastern Europe.

America’s Thrift Stores is a charitable company that collects used clothing and household items from local communities and sells them, part of the profit is shared with Christian charities.

The company operates 18 stores in Alabama, Georgia, Louisiana, Mississippi and Tennessee.

“America’s Thrift Stores recently learned that it was the victim of a data security breach that occurred through software used by a third-party service provider. This breach allowed criminals from Eastern Europe unauthorized access to some payment card numbers. This virus/malware, is one of several infecting retailers across North America.” said the CEO of the America’s Thrift Stores , Kenneth Sobaski.

The attackers exploited a software that was used by a third-party service provider, the data breach exposed payment card numbers and expiration dates, according to the US Secret Service the customer personal information (names, phone numbers, emails, and addresses) was not compromised.

“This breach may have affected sales transactions between September 1, 2015 and September 27, 2015. If you used your credit or debit card during this time to purchase an item at any America’s Thrift Store location, the payment card number information on your card may have been compromised.” continues the announcement.

Individuals affected by the data breach are vulnerable to fraud, for this reason it is important that they will monitor the activities related to the credit and debit card and immediately report any suspicious activity to the card issuer and the law enforcement.

Mr Sobaski confirmed that America’s Thrift Stores has immediately reported the incident to the US Secret Service that are investigating the case.

“As soon as we learned of this incident, America’s Thrift Stores began working with a leading independent external forensic expert and the US Secret Service to examine the breach,” its CEO explained. “We have identified and removed malware that was the source of the breach and we continue to take steps to improve security against any future attacks. Shoppers can feel confident using credit or debit cards at any of our store locations.”

However, yesterday the popular security expert Brian Krebs reported that his sources in the banking industry had detected a pattern of fraud on cards used at America’s Thrift Stores, this means that crooks are already managing the stolen data for fraudulent activities.

“Nevertheless, several banking sources say they have seen a pattern of fraud on cards all used at America’s Thrift Stores locations indicating that thieves have been able to use the data stolen from the compromised point-of-sale devices to counterfeit new cards.” said Krebs.

Pierluigi Paganini

(Security Affairs – America’s Thrift Stores, data breach)