Scope (?):  All Topics
2 4 6
10 8 2
Hot or Not?

Aldi Stores Notice Regarding Hacked Card Readers in 11 States

submitted on October 5, 2010 by pablos17 in "Stores / Merchants"
Unfortunately, my wife shops here all the time and her card was compromised. Luckily our bank canceled her card before any malicious transactions could occur, but our bank didn't bother to notify us about her canceled card. This caused a moment of embarrassment when she tried to pay the hospital for our doula. Just want those of you who live in these states to be aware of this situation. Needless to say, we will only use cash at Aldi from now on. I can't believe that someone could get away with placing hacked terminals in this many stores.

  • 82293
    2 11 9
    12 9 2
    Posted by siggy38 on October 5, 2010
    [reply] 4 0
    Thanks for the heads-up pablos.
  • 82299
    11 2 1
    Posted by jack69darin on October 5, 2010
    [reply] 4 0
    I am in the greater Pittsburgh area, and i go to Aldi's and use my debit card all the time. This sucks! Twisted
  • 82549
    Posted by HouTex on October 7, 2010
    [reply] 1 0
    It's apparently not so easy to spot a tampered terminal!

    From -
    Hardware hacks are starting to pose as much of a threat to payment card data as software-based attacks.

    According to a Gartner analyst, "rings of fraudsters, largely from Eastern Europe, that are descending on the streets of America, literally traveling up and down highways and inserting skimming devices on ATM machines."

    The geographic breadth of the Aldi attack suggests intricate planning, said Jim Huguelet, a Sugar Grove, Ill.-based consultant, who advises clients on payment security issues. "It looks like this was the work of a network of criminals who went into stores and somehow distracted store personnel long enough to take out PIN pads and swap them out with retrofitted devices" designed to steal payment data, he said.

    The theft of the PIN data suggests that the crooks most likely used a transparent overlay of some type so that that customer PIN numbers could be captured before it was encrypted, Huguelet said. It is also more than likely that the rogue PIN pads allowed the attackers to capture payment card data wirelessly from within the store itself or from a nearby location such as a parking lot.

    The tampering likely occurred over a period of several months, he said.

    Also driving the trend is the easy and growing availability of sophisticated counterfeit payment terminal kits designed for use in such schemes. Many of the rogue kits offer virtually the same appearance and functionality as terminals used in stores. The rogue devices also support Bluetooth and GSM to enable quick, wireless transfer of stolen payment card data, he said.

Leave a Comment (members Sign in to comment)


E-Mail (will not be published)

2 x 3 = ?


'Mr Green''Neutral''Twisted''Arrow''Eek''Smile''Confused''Cool''Evil''Big Grin''Idea''Red Face'



Browse by tags