Payments Giant Verifone Investigating Breach

Verifone is investigating a breach of its internal networks that appears to have impacted a number of companies running its point-of-sale card terminals, security reporter Brian Krebs reports. From the report: Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not impacted. San Jose, Calif.-based Verifone is the largest maker of credit card terminals used in the United States. It sells point-of-sale terminals and services to support the swiping and processing of credit and debit card payments at a variety of businesses, including retailers, taxis, and fuel stations. On Jan. 23, 2017, Verifone sent an "urgent" email to all company staff and contractors, warning they had 24 hours to change all company passwords.

Can't wait for full analysis

[s.petry]

All breaches start out being reported small, but tend to reveal much more. It's completely possible that this was an isolated breach, but as a security expert I'll wait for the full release and report. If they were in, they may have much more access than the initial report claims. Perhaps not individual credit card data, but bigger sets of data belonging to vendors.

Re:Even Verifone can't be bothered with security

[FeelGood314]

I did security evaluations of Verifone devices many years ago. They had the only device I ever failed to breach. They seemed to be very detailed oriented and careful. Their devices were also more expensive to make and better put together than their competitors.