Rutter’s, a chain of convenience stores in the US, has announced a payment card breach that affected more than 70 locations.

The breach is said to be the result of malware. The malware gathered payment card data from POS devices at some of Rutter’s convenience stores and fuel pumps.

It infected the majority of Rutter’s locations between 1 October 2018 and 29 May 2019.

According to the retailer, the breach compromised only the card number and expiration date in most cases.

Commenting on the breach, the retailer said: “In addition, it appears that the malware did not copy data from all of the payment cards used during the period that it was present on a given payment processing system.

“There is no indication that other customer information was accessed. Please note this incident is not the result of a handheld “skimmer” being placed on a Rutter’s fuel pump.”

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The breach did not affect card transactions at Rutter’s car washes, ATM’s, and lottery machines in stores, the retailer said.

Rutter’s has already started a probe into the matter after learning of the issue from a third party.

The retailer has already alerted law enforcement agencies of the matter and involved cybersecurity firms for support. The malware has been removed, stated the retailer.

Last month, cybersecurity firm Gemini Advisory said that credit and debit card data compromised during a breach at convenience store chain Wawa were put up for sale on the dark web Joker’s Stash. The breach is said to have affected 30 million payment cards.