Mapco chain says hackers may have gained customer credit or debit info

[Erica Absetz <erica () riskbasedsecurity com>]

http://www.washingtonpost.com/national/mapco-chain-says-hackers-may-have-gained-customer-credit-or-debit-info/2013/05/06/5d932a2a-b6b1-11e2-b568-6917f6ac6d9d_story.html

NASHVILLE, Tenn. — If you shopped at a Mapco convenience store
recently, your financial information may be at risk.

The Tennessean (http://goo.gl/GcmCv ) is reporting that Mapco is
warning that hackers may have gained access to customer debit card and
credit card information.

The Brentwood-based chain says customers who made credit card or debit
card purchases at certain locations during three different time
periods are at risk. Company officials say customers may be vulnerable
if they used cards at those stores from March 19-25, April 14-15 and
April 20-21.

The locations involved Mapco Express, Mapco Mart, East Coast, Discount
Food Mart, Fast Food and Fuel, Delta Express and Favorite Markets. The
stores are located in Tennessee, Kentucky, Virginia, Arkansas,
northern and central Alabama, northern Georgia and northern
Mississippi.

Company officials say it’s not clear whether any card information has
been stolen.

“We regret any inconvenience this criminal act by hackers may have
caused and are enhancing our information security efforts to combat
future information security threats,” Tony Miller, the chain’s
operations vice president, said in a statement. “. We have disabled
the malware that was used in this incident while establishing
additional safeguards designed to prevent his from happening in the
future.”

The hackers targeted systems that transmit card information and
potentially stole financial data that could be used to make fraudulent
purchases.

The company did not provide details on how many customers may be at
risk. The FBI and a computer forensics company are investigating.

Mapco is urging customers to check their card balances and contact
their financial institutions as soon as possible if they think their
accounts have been compromised.

Customers with questions can call (877) 297-2081 for more information.

Copyright 2013 The Associated Press. All rights reserved. This
material may not be published, broadcast, rewritten or redistributed.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.