Risk Management & Security News
Retailers Scramble to Stop Heartbleed Bug
The bug could cause significant disruptions to the Internet over the next few weeks.
Posted Apr 18, 2014
Detroit Approves New Ordinance for Digital Surveillance
The new regulations place minimum standards for video equipment at city self-serve gasoline stations.
Posted Apr 10, 2014
Companies Will Shell Out $500 Billion to Fix Data Breaches
Many analysts view this as a diversion of capital funds from innovation to maintenance issues.
Posted Apr 9, 2014
End of Windows XP Support Ups Risk of ATM Cyber Attacks
With Microsoft stopping its support of the Windows XP operating system on April 8, ATMs could prove vulnerable to criminal activity.
Posted Apr 2, 2014
Card Companies Form Group to Tackle Data Security
The new group will initially focus on the adoption of EMV chip technology.
Posted Mar 10, 2014
California Legislature Tackles Data Breaches
The head of the California Retailers Association testifies that the U.S. payment system needs a complete overhaul.
Posted Feb 21, 2014
U.S. Senators Ask Federal Reserve to ‘Do More’
U.S. Senators Dick Durbin (D-IL) and Al Franken (D-MN) are urging the Fed to do more to protect American consumers from payment card fraud.
Posted Feb 17, 2014
NACS Partners with Trade Groups on Cybersecurity
NACS joins more than a dozen trade merchant and banking associations to explore ways to better secure financial transactions.
Posted Feb 14, 2014
Concerns That Hinder EMV Smartcard Acceptance
Computerworld targets five issues that could slow down U.S. adoption of EMV smartcards.
Posted Feb 12, 2014
Americans Still Paying With Plastic
The recent spat of data breaches at major retailers has not turned off U.S. consumers from using credit cards.
Posted Jan 29, 2014
Michaels Warns of Possible Data Breach
If confirmed, this would mark the second major data breach by the arts and crafts retailer since 2011.
Posted Jan 28, 2014
FBI to Retailers: Expect More Cyber Attacks
The Federal Bureau of Investigation sent a memo to retailers warning them to prepare for more cyber attacks on consumer card data.
Posted Jan 27, 2014
Bluetooth-Enabled Skimmers Reap Millions From Fuel Pumps
Thirteen people have been charged with stealing millions of dollars from bank data collected from illegal skimmers installed at gasoline stations in South Carolina, Texas and Georgia.
Posted Jan 24, 2014
More Attacks on Merchant Credit Card Processing Systems
A cybercrime firm has uncovered at least six active incidents on U.S. retailers.
Posted Jan 21, 2014
Making a Case for EMV
Come 2015, experts say nearly all credit cards in the United States will be embedded with an encrypted chip that requires a PIN to activate it.
Posted Jan 13, 2014
Target Data Breach Puts Focus on Security
The scrutiny of the U.S. credit card industry continues following the Target data breach.
Posted Jan 7, 2014
Michigan Laws Fight Skimmers
Governor Rick Snyder signed a package of bills into law to protect consumers against ATM skimmers.
Posted Dec 30, 2013
Target Data Breach Reveals Deep Flaws in U.S. System
The United States trails far behind other countries in the use of smart credit cards.
Posted Dec 27, 2013
Target Verifies Data Breach
The U.S. Secret Service has been investigating a huge credit-card breach that started near Thanksgiving sales.
Posted Dec 20, 2013
Michigan Legislator Seeks Two Clerk Mandate
The measure would mandate two clerks working at convenience stores during the hours of 11pm and 5 am.
Posted Dec 11, 2013
NACS, PCATS Support Small Merchant Relief
The two groups fully support the Retail Systems Providers Association’s PCI Special Interest Group proposal regarding real card data risk reduction and compliance.
Posted Nov 15, 2013
Visa Webinar on Skimming, Fraud Protection for Petroleum Merchants
The seminar on November 14, which informs merchants of skimming trends and shares best practices for incident response, requires registration.
Posted Nov 8, 2013
OSHA Revised Hazard Communication Standard Training Requirement Due Dec. 1
Retailers must train their workers in the new OSHA standards by next month or face a fine.
Posted Nov 4, 2013
Violent, Property Crime Rates Jump for Second Consecutive Year
The increases are driven by simple assaults and crime not reported to police.
Posted Oct 25, 2013
Vermont Settlement Triggers Retailer Concern
The agreement shows that states can hold retailers accountable for card fraud losses.
Posted Oct 11, 2013
Indiana Lawmaker Again Pushes for More Security at C-Stores
The representative wants mandatory safety measures in place for 24/7 retailers, but stricter regulations for locations with a history of robberies.
Posted Oct 2, 2013
Preparing for the Unexpected
September is National Preparedness Month — isn’t it time your business had a plan?
Posted Sep 13, 2013
Skimmers Continue to Steal Credit, Debit Card Information
Despite more news reports on the illegal practice, thieves still target gasoline stations to siphon off card data, which is sometimes used to buy massive quantities of fuel for resale.
Posted Aug 30, 2013
Robberies Drop at Central Florida C-Stores, but Not News Coverage
Although robberies have declined, high profile reporting of such crimes continues.
Posted Aug 28, 2013
Seven Arrested in California Skimming Sting
The suspects gathered data to make counterfeit credit cards, which were used to buy gasoline.
Posted Aug 16, 2013
“Sliding” Thefts on the Rise at Dayton Gas Stations
Thieves watch for opportunities to “slide” next to a stopped vehicle, stealing items from unlocked vehicles when drivers enter the store.
Posted Aug 12, 2013
Maryland County Mandates Security Cameras at Convenience Stores
In Prince George’s County, the council passed a measure mandating drop boxes and security cameras for retailers that are open “overnight.”
Posted Jul 30, 2013
NACS, PCATS Propose PCI Small Merchant Special Interest Group
The proposal seeks to create a special interest group at the PCI Security Standards Council that will focus on the inability of small merchants to realistically reduce card data risk.
Posted Jul 29, 2013
Why We Ask for a ZIP Code at the Pump
The store itself doesn’t need a customer’s ZIP code for customers fueling at the pump, but the pump does.
Posted Jul 15, 2013
MAPCO Express Sued Over Malware Attack
Data breach leads to three class action lawsuits seeking unspecified damages.
Posted Jul 10, 2013
Retailer Sues Visa Over PCI Data Breach
A global retailer fights back against PCI non-compliance fees.
Posted Jul 10, 2013
California Data Breaches Escalate
A new state law requires merchants to report breaches involving more than 500 cards to the state attorney general’s office.
Posted Jul 3, 2013
Light-Fingered Employees Increasing
Worker theft is increasing, and new research shows it could get worse.
Posted Jun 25, 2013
PCI SSC Updates PIN Transaction Security Standard
Version 4.0 enhances security for accepting and processing payment cards.
Posted Jun 11, 2013
Skimming Spikes in Central Ohio
Central Ohio investigators and the U.S. Secret Service have reported a flurry of skimming activity in the state.
Posted May 7, 2013
MAPCO Express Experiences Data Security Breach
The retailer took immediate steps to investigate the incident and further strengthened the security of its payment card processing systems to block future information security attacks.
Posted May 7, 2013
Schnucks Credit and Debit Card Breach Exposes 2.4 Million Cards
The breach occurred as card data awaited approval from the card processor.
Posted Apr 18, 2013
Retailers Attacked by POS Malware
Software resellers must do a better job educating merchants about the necessity to upgrade their software, an industry expert says.
Posted Apr 11, 2013
Retailer Sues Visa Over PCI Fines
A Tennessee sportswear company is suing Visa over PCI fines, maintaining hackers did not steal any stored payment card information on its computer network, but tried to access data it was transmitting to credit card processors.
Posted Mar 14, 2013
C-Store Association Criticizes Canada's Citizen's Arrest Act
A new law would allow people to make a citizen's arrest after witnessing a crime, which could put c-store employees in danger.
Posted Mar 13, 2013
PCI Council Tackles Cloud Security Issues
A new PCI SSC document provides cloud service security guidance for auditors and merchants.
Posted Feb 12, 2013
Millions Stolen by Gas Station Skimming Operations
The problem has grown as criminals become more adept at using fake card swipe machines to steal credit and debit card data from fuel pumps and ATMs.
Posted Feb 6, 2013
FBI Reports Robbery Declined 4% in 2011
This marks the fifth consecutive year of an overall decrease in violent crimes.
Posted Oct 31, 2012
Maryland County Tries to Curb C-Store Crime
Prince George, Md., council members are considering a bill that would mandate training and other security measures for retailers open overnight.
Posted Oct 24, 2012
Violent Crime Increases
A new report from the Bureau of Justice Statistics shows that violent crime increased for the first time in 20 years.
Posted Oct 19, 2012
POS Hacking Exposes Security Holes
The attacks highlight an increasing risk for all of those involved in the payments industry, says PCATS.
Posted Sep 20, 2012
PCI Releases Guidelines for Mobile Payment Acceptance
Guidelines offer mobile app developers and handset device manufacturers guidance on security controls.
Posted Sep 20, 2012
MasterCard Extends U.S. EMV Migration Roadmap to ATM Channel
This means that every ATM must comply with EMV standards.
Posted Sep 14, 2012
British Columbia Experiences Influx of Counterfeit Bills
Bogus bills ranging from $20 to $100 are being "spent" in convenience stores, supermarkets and bars.
Posted Aug 15, 2012
Heartland Spearheads Effort to Ensure POS Security
The payments processor aims to limit point-of-sale fraud after suffering its own security breach in 2009.
Posted Aug 10, 2012
Hands Off the Hasselhoff!
Giant photo cutouts of actor David Hasselhoff, which were being used as part of an ad campaign, have been stolen from outside Cumberland Farms stores.
Posted Jul 20, 2012
Bonnie and Clyde Busted for Skimming
The couple installed six skimming devices at a single store with plans to target at least 100 more stores in the Minneapolis area.
Posted Jul 16, 2012
Indiana Rep. Pushes for Mandatory Safety Regulations in C-stores
The Indiana Petroleum Marketers and Convenience Store Association is working with the Late Night Retail Working Group to draft voluntary security measures for retailers.
Posted Jun 14, 2012
Cooking Grease Hot Commodity in New York City
The used fryer oil can be sold for 38 cents per pound.
Posted Jun 13, 2012
Indiana Readies Safety Initiative for Convenience Stores
The state's labor department is working to develop a "culture of safety" for the convenience store industry.
Posted May 30, 2012
PCI Compliance Increases Slightly
Level 1 retailers achieved 98% PCI compliance through March 31, 2012, with Level 2 retailers tallying 92%, and Level 3 retailers coming in at 59%.
Posted May 11, 2012
Indiana Association and State Work to Lower Late-Night Retail Workplace Violence
The Indiana Petroleum Marketers and Convenience Store Association will participate in the Department of Labor's INSafe program.
Posted Apr 25, 2012
Thefts Rise With Self-Checkout Lanes
While some customers enjoy the convenience of checking out themselves, retailers are finding the lanes make it easier for people to steal.
Posted Apr 11, 2012
Gasoline Thefts Rising
High pump prices have triggered increasingly bold robberies of gasoline.
Posted Mar 2, 2012
Google Fixes Security Hole in its Wallet
A vulnerability in the Google Wallet would have enabled people to gain unauthorized access to Google Prepaid Card balances.
Posted Feb 16, 2012
Mississippi Town Repeals Security Guard Ordinance
The Jackson City Council unanimously agreed that the law was too burdensome on convenience stores.
Posted Feb 15, 2012
PCI to Focus on Mobile
Because of its anticipated growth and adoption, mobile presents increasing concerns for the Payment Card Industry Security Standards Council.
Posted Feb 14, 2012
Mississippi Security Guard Faces Repeal
The City Council in Jackson, Mississippi, is backtracking on a controversial mandate that 24/7 convenience stores hire security guards.
Posted Jan 25, 2012
MAG Releases its Roadmap of Electronic Payments
The group advises that the United States undergo a coordinated migration to chip and PIN transactions to support a broad range of payment types and devices.
Posted Jan 13, 2012
Visa Approves Mobile Devices for NFC
Visa said the certified smartphones would encourage other mobile device manufacturers to offer Visa mobile payment functionality to consumers.
Posted Jan 12, 2012
Used Fryer Oil Hot Item for Thieves
Restaurants are seeing more thefts of used cooking oils because of the increased demand for biofuels.
Posted Jan 11, 2012
Tampa "Cigarette Bandit" Targets C-Stores
At least 15 convenience stores have been robbed in the past three months for a total of $30,000 in cigarettes.
Posted Jan 5, 2012
Retailers, Banks Must Align to Fight Fraud
NACS payments consultant Gray Taylor says that card fraud is costing banks and merchants billions of dollars every year, with skimming being the primary culprit � a crime of epidemic proportions where doing nothing is no longer an option.
Posted Oct 31, 2011
Police Bust 111 in Largest U.S. Credit Card Scam
More than 100 arrested in Queens, NY, are being accused of identity and credit card theft.
Posted Oct 11, 2011
Retail Crimes Continue to Rise
The Retail Industry Leaders Association reports that organized retail crime and shoplifting are increasing.
Posted Oct 10, 2011
Verizon Warns That PCI Compliance Remains Problematic
A new Verizon report reveals many businesses are still struggling with security standards compliance, putting consumer data at risk.
Posted Sep 29, 2011
Robberies at Convenience Stores Dropped 14 Percent in 2010
Overall, the number of violent crime fell for the fourth year in a row, according to the FBI, which released its 2010 crime statistics on Monday.
Posted Sep 21, 2011
PCI Council issues point-to-point encryption validation requirements
New document provides vendors, assessors and retailers with guidelines for hardware-based point-to-point encryption implementations.
Posted Sep 20, 2011
Hurricane Preparedness Resources Available
As the tropics heat up, NACS provides several resources on hurricane preparedness and disaster recovery.
Posted Aug 17, 2011
NRF Report Examines "Flash Robs"
"Flash rob" tactics are now involved in 10 percent of multiple offender crimes.
Posted Aug 16, 2011
Skimming at the Pump Threatens Retailers
NACS is working to educate retailers about master-key vulnerability, reminding its members that anyone of their operations could fall victim to a skimming scheme.
Posted Aug 15, 2011
'Flash Robs' Target Convenience Stores, Other Retailers
Large youth groups rush into a store, grab products, and leave the place in shambles.
Posted Aug 3, 2011
Restaurant Breach Causes Consumer Fraud
However, skimming wasn't how credit and debit card information was stolen from a Mexican eatery in Texas.
Posted Jul 29, 2011
Gas Pump Scams on the Rise in Florida
Skimming at the pump has soared in the Sunshine state but security experts say ATMs are more of a target.
Posted Jul 13, 2011
Skimming Devices in Pay-at-the-Pump Continue to Increase
Authorizing transactions would halt the growing trend, NACS says.
Posted Jun 29, 2011
The Slow Rise of Shrinkage
Increased shoplifting from organized crime rings contributed to the slight uptick.
Posted Jun 17, 2011
Citigroup Confirms Data Breach
The company is issuing new cards to its customers as a result of a data breach that occurred in May.
Posted Jun 10, 2011
Pump Skimming Continues
A California community becomes the latest locality to alert residents to the potential dangers lurking inside self-service gasoline pumps.
Posted Jun 6, 2011
Michaels Stores' Data Breach Leads to Suits Seeking Class Action Status
Lawsuits allege violations of the Federal Stored Communications Act and the Illinois Consumer Fraud and Deceptive Practices Act.
Posted Jun 2, 2011
Trial Date Set for Gas Pump Skimming Case
The alleged perpetrator gathered debit- and credit-card information via devices attached to gasoline pumps.
Posted May 25, 2011
FCC: Small Businesses Need to Increase Cybersecurity
A recent study revealed that 74 percent of small and medium businesses were targeted by cyberattackers in the last year.
Posted May 18, 2011
Merchants Getting Proactive In Theft Deterrent
With more organized crime groups swiping large amounts of merchandise, more retailers are fighting back by focusing on ways to prevent such thefts.
Posted May 11, 2011
'Flash Robs' on the Rise
A growing number of stores are being hit by flash mob robberies, where thieves swarm a store.
Posted May 9, 2011
Michaels Reveals Debit Card Data Breach
As of last week, authorities said it was too early to tell whether "skimming" caused the breach at Chicago-area stores.
Posted May 9, 2011
Milwaukee Votes to Add Cameras to Convenience Stores
The city now requires retailers to have two high-definition surveillance cameras.
Posted Apr 22, 2011
Citizen Patrol: Detect Card Skimming
Police are asking citizens for help with detecting card-skimming threats at the pump, but is that enough to successfully stop this illegal activity?
Posted Mar 31, 2011
Card Skimming at Pumps Worldwide Concern
The scam is not limited to stations on U.S. soil.
Posted Mar 21, 2011
Skippy Peanut Butter Recalled in 16 States
Unilever issues voluntary recall of Skippy's Reduced Fat Creamy and Reduced Fat Super Chunk peanut butters after the possible discovery of salmonella.
Posted Mar 8, 2011
Zip Ruling Prompts Consumer Lawsuits
Walmart, Target, Macy's and Cost Plus are just a few of the retailers facing lawsuits.
Posted Feb 17, 2011
f'real� foods Expands Voluntary Recall Of Strawberry Banana Smoothies
Recall prompted by suspected peanut contamination.
Posted Feb 15, 2011
First Data, NRF Release Small Business Data Security Study
Small retailers are aware of data security and fraud prevention strategies but unclear on potential liabilities following a breach or noncompliance.
Posted Jan 13, 2011
Upgrading Your POS is Not Enough!
CIO Data Security Boot Camp provides information on PCI compliance, data security risk reduction and completing SAQs.
Posted Jan 4, 2011
PCI: Smaller Merchants Threatened
Criminals now picking less compliant targets: Level 3 and 4 retailers.
Posted Oct 21, 2010
PCI Council Offers Guidance On Point-To-Point Encryption
Retail standards organization helps clarify where and when to encrypt credit card data.
Posted Oct 12, 2010
Convenience Stores Safe Places
For Jackson, Miss., more robberies happen in homes than in convenience stores.
Posted Oct 6, 2010
Aldi Notifies Customers of Tampered Payment Card Terminals
Skimmers were placed at a number of ALDI locations this past June, July, and August; company urges shoppers to check their card statements.
Posted Oct 5, 2010
Study: Retailers Lost $139 Billion to Fraud
New Lexis Nexis study reveals that for every $100 in fraudulent transactions, retailers incurred $310 in total losses.
Posted Oct 1, 2010
PCI Wireless Scanning Tool Considerations
What to consider when selecting a compliance solution for version 1.2 of the PCI DSS.
Posted Sep 28, 2010
Convenience Store Robberies Down 9.7 Percent
Violent crimes, property crimes are down across the board in the FBI's latest crime report.
Posted Sep 15, 2010
Anti-Muslim Sentiments Spur Concern
With the ninth anniversary of the September 11 terrorist attacks coinciding with the end of Ramadan, misconceptions of upcoming celebrations are raising fears that anti-Muslim sentiment could lead to violence.
Posted Sep 10, 2010
Bank Combats Fraud by Forcing PIN Debit
In three states Bonneville Bancorp has removed the option of signature debit, thereby admitting that PIN debit is in fact a more secure method of debit card payment.
Posted Aug 20, 2010
PCI Update Gets Mixed Reviews
Experts offer mixed reviews, with some calling the proposed changes "a letdown."
Posted Aug 19, 2010
More Credit Card Skimmers Found at Florida Gas Station
The discovery follows the discovery earlier this month of three skimming devices found at two other stations off Interstate-75
Posted Jul 27, 2010
Serial ATM Thieves Discover Easier Method for Robbing Machines
Suspects have turned to using a master key and drill bit combination to steal money.
Posted Jul 20, 2010
Visa Clarifies Security Rules
Merchants may store only partial credit card numbers on the receipts they keep in case charges are challenged.
Posted Jul 16, 2010
PCI Security Standards Council Expands Global Reach
European director appointed to PCI Security Standards Council.
Posted Jul 9, 2010
PCI SSC Stretches Payment-Card Standards Cycle to Three Years
Lengthened cycle will allow merchants more time to understand and implement the PCI data security standards.
Posted Jun 24, 2010
Pennsylvania Governor Signs Organized Retail Crime Bill Into Law
New law is designed to stop professional thieves who make a living out of organized retail crime.
Posted Jun 17, 2010
Mainstream Mention for PCI Compliance
Bloomberg Businessweek tackles PCI Compliance in a general interest blog posting.
Posted Jun 14, 2010
U.S. Requiring Companies to Defend Against Identity Theft
Starting June 1, any business that extends credit to customers must develop plans to detect and prevent such fraud.
Posted May 27, 2010
Gas Station Employee Gets Jail Time for Credit Card Theft
Eight credit cards found in employee's home had been re-programmed with account information from stolen customer cards.
Posted May 18, 2010
Mesa Targets C-Store Crime
Ordinance would require storeowners to install surveillance cameras, alarm system and a drop safe at a per-store cost of about $11,000.
Posted Apr 22, 2010
Meth Makers Won't Give Up
This new method of making meth should not be ignored � particularly because it could bring a moving and highly flammable meth lab into a convenience store parking lot.
Posted Apr 16, 2010
Food Fraud Increasing
Cases of food sold as something other than what it claims to be has been documented in fruit juice, olive oil, spices and fish, among other items.
Posted Mar 31, 2010
Check Your Pumps, ATMs for Skimmers
Utah retailers found eight electronic skimmers at the pumps. Read more about how you can protect your store for this serious security threat.
Posted Mar 26, 2010
Fed Finalizes Prepaid Card Rules
Rules restrict service fees, dormancy, and inactivity on gift cards.
Posted Mar 25, 2010
More Food Products Effected by Recall
Hydrolyzed vegetable protein has been found in more than 100 products.
Posted Mar 17, 2010
Police Uncover Unique Gas Station Gift Card Scam
Men purchased cartons of cigarettes with gift cards that blocked card readers from debiting value.
Posted Mar 16, 2010
Frequent-Shopper Cards Track Salmonella Outbreak Source
The Centers for Disease Control and Prevention used loyalty cards to find out what caused a recent foodborne illness.
Posted Mar 15, 2010
Herr Foods, Pringles Initiate Food Recalls
Both companies are voluntarily recalling certain products because they contain HVP (hydrolyzed vegetable protein) manufactured, distributed and recalled by Basic Food Flavors in Las Vegas.
Posted Mar 11, 2010
U.K.: Credit Card Fraud Losses Drop 28%
U.K. Cards Association attributes sharp drop in fraud to the introduction of Chip and Pin as well as beefed-up fraud detection tools.
Posted Mar 11, 2010
'Skimming' Scheme Larger Than Police Believed
Since the arrest, authorities in Washington, Oklahoma and Texas have reported similar cases.
Posted Mar 9, 2010
Skimming Concerns? Here's What You Need to Know.
With the recent reports of credit card skimming, NACS provides context and tips to mitigate the likelihood that you are a target.
Posted Mar 3, 2010
Study: Protecting Customer Data is a Top Priority for Retailers
A recent report finds that retailers must think about privacy and security in order to build business.
Posted Mar 3, 2010
California Police Nab Two Alleged in Skimming Scam
7-Eleven clerk performing routine maintenance discovered the devices inside one of his store's pumps and notified police.
Posted Mar 2, 2010
Average Annual Cost of PCI Compliance Audit? $225,000.
Roughly two percent of companies undergoing payment-card industry technology reviews fail.
Posted Mar 2, 2010