According to AZfamily.com, all of the victims in these cases had used their card at Basha’s or one of its associated store brands like AJ’s Fine Foods or Food City.
The Pinal County Sheriff’s Office believes that the company is the victim of an attack by hackers, who accessed the system used by Basha’s to capture payment information from debit/credit card users.
The company claims that the malware used in the attack has been contained and that all affected customers have been reimbursed. However, it is still suggesting that all customers check their card accounts for questionable transactions.
“Numerous investigators from various law enforcement agencies are working around the clock to find those responsible and put them behind bars,” said the Sheriff.
“Bashas’ is and has been compliant with all Payment Card Industry (PCI) security requirements,” said the company in a statement. “However, we recently located and removed a highly-sophisticated piece of malware that has never been seen before in the industry. The malware has been identified and contained, and we are working with forensic specialists and federal law enforcement officials in their investigation to find those responsible.
“We’ve also installed additional security measures (beyond what is required by the industry) to our point of sale and enterprise systems to further protect our customers’ information from such attacks in the future.”
Thanks to Sherri for the tip!