And now Brian Krebs is reporting that there is a suggestion that Staples Inc. is undertaking an investigation of a data breach relating to its northeastern US stores, in and around the New Jersey area.
It's now almost a year since Target was breached over the Thanksgiving Holidays, an attack which was subsequently revealed to have used a variant of the BlackPOS RAM scraping malware dubbed Reedum. New Zero Day variants of the trojan would still evade AV detection as easily as the Reedum malware at Target, but Windows file integrity monitoring-based host intrusion detection technology would at least have provided a means of detecting the breach and the opportunity to prevent any significant losses. How many more warnings do retailers need before they take proper steps to protect their POS systems and follow the guidance of PCI DSS Compliance?