There has been another major data breach, and this time, the victim is Avanti Markets. You probably know Avanti Markets because of their food kiosks you might have already enjoyed since they are an often sight in major companies’ breakrooms.
During the data breach, a lot of sensitive data got stolen, and it is now suspected that the theft may have an impact on over 1.6 million people. A company from Washington called the Tukwila has stated that the stolen data includes email addresses of the employees, their payment card info, and maybe even their biometric authentication data.
This is the main issue because it concerns another security procedure, in which someone’s physical characteristics are used to provide access to restricted areas. With information like this, hackers can, for example, make a copy of an employee’s thumbprint and use it to access company’s grounds.
The company left a blog post on Monday in which they admit that there was a pretty sophisticated malware attack that was discovered on July 4. During the attack, several Avanti Markets kiosks were affected.
According to the company’s statement, the investigation has already uncovered that the malware was made in order to steal employees’ data. However, they are still unsure if this was the single purpose of the attack.
So far, it was discovered that malware has collected users’ information. The precise pieces of info that were stolen include the payment card data of the users, their card expiration dates. account numbers, first and last names, and even email addresses.
As for the biometric data that was stolen by intruders, Avanti has decided not to share more details on that. We don’t even know which info was accessed. However, since many of the kiosks have a fingerprint scanner installed, that seems to be the most probable answer.
The exact impacted locations are currently still a mystery, just like the precise time of the breach itself. The company claims that not all of the kiosks are neither used nor configured in the same way, which means that this breach might only affect some of them.
Of course, after discovering the attack, the company hired a forensic investigation company. They also informed the FBI about the incident, and as an extra precaution, they even shut down payment processing at multiple locations.
According to Avanti’s website, this company serves around 1.6 million people in 46 different states. Because of the breach, they advised all of the potential victims to pay close attention to their finances. They were also advised to inform security bureaus about potential identity thefts.
This is not the first, and definitely not the last data breach that we have witnessed recently. These kind of attacks on different companies are getting more and more often, which is starting to cost – a lot.
For example, over 34% of the companies from the US have had some kind of security breach only during the last year. Statistics predict that, in only three years, overall finance losses to cybercrime will exceed $6 trillion annually. That means that the losses to cyber criminals will double compared to what they were in 2015.