Back when I posted about the 868,000 Payment Cards, 330 Stores, it was recently revealed that the exposure was due to C&K Systems.
All 20 previously affected Goodwill members have stopped using C&K Systems to process customers’ payment cards… Earlier this month, Goodwill said the breach stemmed from malware known as RAW.PoS, which was used to compromise a third-party vendor. Information exposed in the breach includes names, payment card numbers and expiration dates.
While details on the attack on C&K Systems are scarce, two security experts say it’s possible the compromise was the result of a remote-access attack.
There is an ever-present possibility that criminals are favoring remote access-type attacks because the log-in credentials needed to access the databases and/or hardware are elements that could easily be obtained through phishing or social engineering, something that is easy to remedy with security awareness training.