Continue Reading Below
The company said it identified three unique attacks that were “likely carried out by sophisticated cybercrime groups.” Two targeted North American fuel dispenser merchants, which it said are an increasingly attractive target for hackers.
“The recent compromises of fuel dispenser merchants represents a concerning trend whereby sophisticated threat groups have identified fuel dispenser merchants as an attractive target for obtaining track data,” the company said.
The attacks, which are carried out on the point-of-sale systems, differ from “skimming” at fuel pumps because the former requires that criminals access a vendor’s internal network.
In one incident, hackers were able to gain access to systems through a phishing email containing a malicious link that was sent to an employee. Through the link, cybercriminals accessed the merchant network and harvested payment card data from there. In the second attack, experts were unable to determine how hackers gained initial access, but magnetic strip data from payment cards appeared to have been targeted specifically.
The third attack occurred at a hospitality merchant.
It is unclear how many accounts are at risk of being affected.
Visa warned in November about the rise of attacks on fuel dispensers. Merchants that have not yet adopted chip technology on terminals are more likely targets for these types of attacks.
The groups that carried out the attacks — including FIN8 — are believed to have ties to vast underground networks so they can easily monetize the stolen data.
Skimming, which requires a small device that copies credit card information, at fuel pumps remains an ongoing threat, too.