Verifone Latest Victim In Assaults on High-Profile Payments Platforms

March 7, 2017         By: Mike Dautner

It would seem that it is indeed the case that Verifone has fallen victim to hackers trying to breach the company’s mainframe.

Currently the company is investigating a breach of its internal computer networks that at this juncture, appears to have only impacted several companies running its POS solutions.

It doesn’t seem too detrimental at the moment as the company claims that the breach was limited to its corporate network and that its payment services network was not impacted. All is a bit unclear presently, but it definitely is not a good sign for the the major payments solution provider.

Based out of San Jose, Verifone is considered among the largest makers of credit card terminals within the U.S.

It is a giant in the point-of-sale terminals industry, offering its services to support the swiping and processing of credit and debit card payments at a plethora of businesses, including retailers, taxis, and fuel stations.

As of January 23rd 2017, Verifone sent an urgent email to all Verifone staff and contractors, warning they had about a full day to change all company passwords.

“We are currently investigating an IT control matter in the Verifone environment,” reads an email memo penned by Steve Horan, Verifone Inc.’s senior vice president and chief information officer. “As a precaution, we are taking immediate steps to improve our controls.”

“Breaches will remain a permanent part of our 21st century existence and hackers will maintain an advantage. They constantly probe for weaknesses in access controls, authentication methods, and other areas so that they can launch focused attacks using all of their means against specific weaknesses while the good guys are forced to spread their resources across a seemingly limitless number of potential vulnerabilities,” commented John Gunn, CMO, VASCO Data Security.

“Only little information is available about the incident, but despite of Verifone clearing siren for the payment system remaining intact, there are many ways an infection can propagate from the enterprise network to the payment system,” commented Itsik Mantin, director of security research at cybersecurity firm Imperva (

“Whether or not it happened depends on many factors, one of the most important ones is how much time had passed from the breach to its discovery. From what we know, breaches remain undiscovered for weeks, months and sometimes even years, when during this period attackers can collect sensitive data and record users credentials without interference, and then a single user that uses the same or similar password to access both the enterprise network and the payment system, can be the bridge for the attacker to travel between the systems,” continued Mantin.

“With cyber criminals becoming more and more sophisticated and creative, they will continue finding their way in and we will continue hearing about breaches exposed. The challenge for organizations today is, even when losing some battles, keep winning the war. Security officers should operate under the assumption that the attackers are already inside their systems, looking for ways to deepen their grasp and crawling searching for business-critical data.”