Across the United States, a Denver based company, Service Systems Associates (SSA), functions as a credit and debit card processing system for many zoos and other cultural centers. According to Brian Krebs of KrebsonSecurity, this past week the company acknowledged that there has been a breach in some of their processing systems. Customers that have used their debit or credit cards at certain facilities between March 23 and June 25, 2015 may have had their information compromised. CBS Detroit reported that SSA is investigating a breach that may involve point-of-sale malware. The processing company is working with law enforcement officials as well as a third-party forensic investigator, Sikich.
A statement issued by SSA states that even though there is still an investigation being conducted, any malware that caused the breach has been removed. All customers should feel free to use their debit or credit cards at any SSA venue. Though there has been no comment on exactly which zoos and gift shop locations had been affected by the breach, financial sources estimate there are locations in at least two dozen major cities, Houston as one of them.
Over the past two years, point-of-sale malware has been the main cause of credit card breaches. The malware was used mainly at point-of-sale vendors. Thieves can use the information acquired to make fake gift cards or encode data on a magnetic strip to make a new credit card. The real claim to fame of the malware was when hackers were able to download it on point-of-sale devices, such as card readers, and breached major institutions such as Target and Home Depot.