When you think of the name Nordstrom, what comes to mind?
A large department store with valuable products at fair prices? Crowds pushing and squeezing their way to critical mass as the last few items left on the sales rack are consumed? How about an easy avenue for thieves to steal your credit cards?
The department store giant garnered unwanted attention earlier this month when they announced that a Florida store fell victim to a team of thieves who attached extremely small devices called key loggers in line with their keyboards where they plug into the registers. These devices look like extensions to a standard keyboard, and they are extremely hard to detect.
According to a statement made by local law enforcement, the men were captured on video adding the devices.
In a nutshell, these small pieces of hardware are designed to capture everything that is typed on the keyboard. This is also the same interface that the credit card machines can use to process credit cards.
Therefore, through this technology, it is possible to steal passwords and credit cards without anyone being the wiser.
In this particular case, Nordstrom believes that they detected the issue and removed the dangerous equipment before the thieves could return and retrieve sensitive information.
The reason this story has captured so much attention is because the devices used are so small that there was an excellent chance that they could have gone unnoticed. Also, more sophisticated models of key loggers have built-in wireless capabilities. They are still only about 1.5 inches long, but they too can steal key stokes, credit cards, or other sensitive data.
In turn, they can then send that data to an outside receiver without anyone coming back into the store. Thieves would be using radio waves to gather sensitive data, and it would be nearly impossible to detect the theft until people noticed the fraudulent charges to their accounts.
The real problem with this type of theft is that there has been a noticeable rise in thieves using these purpose-built devices to assist them with their activities. ATMs and convenience stores have been the two industries most heavily targeted historically, but back in 2011 Michaels had approximately 90 stores in 20 states affected by a similar theft. Unlike Nordstrom, Michaels did not stop the thieves before credit cards were stolen.
We are ushering in a new era in electronic data theft – hackers are adding electronics to POS systems, so look for strange behavior around your registers and devices you do not recognize.
Subscribe to Lumifi's Daily Cybersecurity News Curated by a CISO
We’ve expanded our MDR capabilities with enhanced incident response and security services to better protect against evolving cyber threats.