America’s Thrift Stores, which operates 18 donation-based thrift stores across five states, is the latest organization to discover it has been hit by a cyberattack.
The company recently learned it was a victim of a data breach that originated through software used by a third-party service provider.
America’s Thrift Stores confirmed it has been working with an independent external forensic expert, as well as the U.S. Secret Service, to investigate the breach, which it believes affected sales transactions between Sept. 1, 2015 and Sept. 27, 2015.
The malware-driven security breach resulted in the theft of customers’ payment card numbers and expiration dates, but America’s Thrift Stores confirmed the U.S. Secret Service does not believe customer names, phone numbers, addresses or email addresses were compromised in the attack.
“This breach allowed criminals from Eastern Europe unauthorized access to some payment card numbers,” the company’s CEO, Kenneth Sobaski, said in a statement.
“This virus/malware is one of several infecting retailers across North America.”
According to security blogger Brian Krebs, sources at several banks reported a pattern of fraud on payment cards used to make purchases at America’s Thrift Stores, meaning the cybercriminals may have used “data stolen from the compromised point-of-sale devices to counterfeit new cards.”
As PYMNTS reported yesterday (Oct. 12), the costs of cybercrime for businesses is rising at an alarming rate, with U.S. companies feeling the brunt of the financial burden.
In the latest report on the true costs of cybercrime, Hewlett-Packard issued a report in tandem with Ponemon via the latter’s Institute on Cyber Crime earlier this month. The report states that the U.S. is especially hard hit by hacking, as cyberattacks cost U.S. firms, on average, $15.4 million annually, which is double the $7.7 million global average (which is a bump of 1.9 percent over last year, after adjusting for currency changes). For the U.S., the latest average costs represent a significant jump from the $12.7 million seen in 2014.