You thought you were buying a snack, instead you gave up your personal information.
Avanti has a nice concept. Setting up self service unmanned kiosks in offices, employees can simply and easily pick up snacks, and pay at a convenient terminal. Unfortunately, on the Independence Day holiday, it was discovered that many of these point of sale terminals had been infected by malware.
This malware is a version of the FindPOS malware. Known as a scraper, the application collects information and sends it back to the attackers. It’s quite frightening the information which was collected on customers.
“At this point, it appears the malware was designed to gather certain payment card information including the cardholder’s first and last name, credit/debit card number and expiration date.” states the company in their statement, “In addition, users of the Market Card option may have had their names and email addresses compromised, as well as their biometric information if they used the kiosk’s biometric verification functionality.”
The malware was discovered when affected kiosks began sending this information out of the company’s network. Not all kiosks were affected in the attack, and Avanti has shut down any non-cash transactions at affected kiosks as they work to secure their systems. The company will be offering free credit monitoring services to victims of the breach.
In this IoT world, customers privacy and security are at the mercy of companies we do business with. Far too often we discover that those companies are not current with those security practices, and by the time we find out, it is too late to correct. We, as customers need to take a more proactive approach to our security, and demand that those we do business with are utilizing the best tools to keep us safe.
This IoT world is the perfect environment for BlackBerry’s current direction. Focusing on building a secure platform for other’s to build off of. BlackBerry can provide and maintain a secure platform, in which other’s can place their products. This allows these other companies to focus on their products, knowing the security is taken care of. And this would allow us, the customers, to feel secure in the knowledge we are protected.