Crooks Nab Payment Details from Fred's Super Dollar Stores Nationwide
Retailer
A hacker implanted data-slurping software into two servers that process information from cards swiped at registers.
The malware was deposited on March 23. The malicious program stopped operating on one server on April 8, and stopped functioning on the other server on April 24.
Customer data compromised during the incident includes card numbers, expiration dates and verification codes.
Hundreds of stores were hit across 14 states, including Alabama, Arkansas, Florida, Georgia, Illinois, Kentucky, Louisiana, Missouri, Mississippi, North Carolina, Oklahoma, South Carolina, Tennessee and Texas.
“Transactions for half of our stores are routed through one server and the other half of our stores are routed through the second server,” Fred’s Inc. officials said in an FAQ.