Harbortouch payments compromise

harbortouchLast week, Allentown, Pa. based point-of-sale (POS) maker Harbortouch disclosed that a breach involving “a small number” of its restaurant and bar customers were impacted by malicious software that allowed thieves to siphon customer card data from affected merchants. KrebsOnSecurity has recently heard from a major U.S. card issuer that says the company is radically downplaying the scope of the breach, and that the compromise appears to have impacted more than 4, 200 Harbortouch customers nationwide.

In the weeks leading up to the Harbortouch disclosure, many sources in the financial industry speculated that there was possibly a breach at a credit card processing company. This suspicion usually arises whenever banks start feeling a great deal of card fraud pain that they can’t easily trace back to one specific merchant (for more on why POS vendor breaches are difficult to pin down, check out this post.

Some banks were so anxious about the unexplained fraud spikes as stolen cards were used to buy goods at big box stores that they instituted dramatic changes to the way they processed debit card transactions. Glastonbury, Ct. based United Bank recently included a red-backgrounded notice conspicuously at the top of their home page stating: “In an effort to protect our customers after learning of a spike in fraudulent transactions in grocery stores as well as similar stores such as WalMart and Target, we have instituted a block in which customers will now be required to select ‘Debit’ and enter their ‘PIN’ for transactions at these stores when using their United Bank debit card.”

In a statement released last week to KrebsOnSecurity, Harbortouch said it has “identified and contained an incident that affected a small percentage of our merchants.”

“The incident involved the installation of malware on certain point of sale (POS) systems, ” Harbortouch said in a written statement. “The advanced malware was designed to avoid detection by the antivirus program running on the POS System. Within hours of detecting the incident, Harbortouch identified and removed the malware from affected systems. We have engaged Mandiant, a leading forensic investigator, to assist in our ongoing investigation.”

The company said the incident did not affect Harbortouch’s own network, nor was it the result of any vulnerability in the PA-DSS validated POS software.

Harbortouch North Carolina

Harbortouch QSR

Harbortouch system

Harbortouch order supplies

Harbortouch POS system complaint