Point-of-Sale Vendor NEXTEP Probes Breach

[InfoSec News <alerts () infosecnews org>]

http://krebsonsecurity.com/2015/03/point-of-sale-vendor-nextep-probes-breach/

By Brian Krebs
Krebs on Security
March 9, 2015

NEXTEP Systems, a Troy, Mich.-based vendor of point-of-sale solutions for 
restaurants, corporate cafeterias, casinos, airports and other food 
service venues, was recently notified by law enforcement that some of its 
customer locations have been compromised in a potentially wide-ranging 
credit card breach, KrebsOnSecurity has learned.

The acknowledgement came in response to reports by sources in the 
financial industry who spotted a pattern of fraud on credit cards all 
recently used at one of NEXTEP’S biggest customers: Zoup, a chain of some 
75 soup eateries spread across the northern half of the United States and 
Canada.

Last week, KrebsOnSecurity reached out to Zoup after hearing from 
financial industry sources about fraud patterns indicating some sort of 
card compromise at many Zoup locations. Zoup CEO Eric Ersher referred 
calls to NEXTEP, saying that NEXTEP was recently informed of a security 
issue with its point-of-sale devices. Ersher said Zoup runs NEXTEP’s 
point-of-sale devices across its entire chain of stores.

In an emailed statement, NEXTEP President Tommy Woycik confirmed Ersher’s 
account, but emphasized that the company does not believe all of its 
customers are impacted.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/