Harbortouch POS Systems Incur Possible Data Breach
Harbortouch, a manufacturer of point-of-sale terminals, may be the latest company to suffer a data breach. KrebsOnSecurity reported that malware had been used to target Harbortouch POS systems, affecting approximately 4,200 of their customers which are mostly bars and restaurants.
The company said the breach was identified and contained within hours of the incident, and the malware did not reach all Harbortouch products. Only certain merchants were affected by the breach.
“This malware incident impacted individual merchant locations, not Harbortouch. Harbortouch is not a processing platform, not a gateway and we do not store any cardholder data,” Nate Hirshberg, marketing director at Harbortouch, told Krebs. “This is not an ongoing incident and the malware was eliminated rapidly upon detection.”
Krebs received word from one unidentified major U.S. card issuer that Harbortouch is significantly downplaying the reach of the breach. Despite the fast detection and eradication of the issue, there could be many customers who may have been impacted by the malware.
Harbortouch is now working with security firm Mandiant to investigate the breach and identify card issuing banks that may have been affected.
“Those banks can then conduct heightened monitoring of transactions to detect and prevent unauthorized charges,” the company said. “We are also coordinating our efforts with law enforcement to assist them in their investigation.”