The Department of Homeland Security has issued an alert about the potential risks of data breaches at the point of sale caused by a type of malware known as Backoff, which has already affected more than 1,000 businesses.
This is the second warning issued by DHS.
How 'Backoff' Malware Works and Why Banks Should Care
Over the past year, according to a joint advisory from the National Cybersecurity and Communications Integration Center, United States Secret Service, and third-party partners, Backoff has been remotely accessing administrator accounts of various businesses to extract consumer payment data. The Secret Service found that "numerous businesses throughout the United States" have suffered from network intrusions facilitated by Backoff malware, with at least seven vendors confirming they had multiple clients affected.
Estimations so far suggest that more than 1,000 businesses have already been affected. No specific information was provided about how many banks have suffered such breaches. Reporting on additional compromised locations continues, the document notes.
The DHS alert "strongly recommends" businesses' technology teams, vendors of POSs and anti-virus systems, and managed service providers assess their software to ensure they are not compromised and to minimize system vulnerabilities.