Verifone Systems Inc is investigating a breach of its internal networks that appears to have impacted a number of companies running its point-of-sale card terminals, Krebs on Security said on Tuesday in a blog post citing sources.
"Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not impacted," according to the blog. (bit.ly/2mTIgu9)
According to third-party forensic teams, the cyber attempt was limited to about two dozen gas station convenience stores and occurred over a short period of time, Verifone spokesman Andy Payment said.
No other merchants were targeted, Payment added.
"We are currently investigating an IT control matter in the Verifone environment," a Verifone executive had said in an internal memo that was posted on the Krebs on Security blog.
On Jan. 23, Verifone had sent an urgent email to staff and contractors, warning they had 24 hours to change all company passwords, according to the blog.
The email was in response to a notification that Verifone got from Visa Inc and Mastercard Inc just days earlier in January, the blog reported.
Verifone spokesman Payment also said there were no adverse events or misuse of data from the incident.
Large retailers such as Target Corp and Home Depot Inc have been victims of security breaches in recent years.
Mastercard did not respond to a request for comment, while Visa declined to comment.
Verifone shares closed down 1.7 percent at $20.10 on Tuesday.
(Reporting by Aishwarya Venugopal in Bengaluru; Editing by Shounak Dasgupta)