Chad Kobayashi, retail technology manager of Maverik, described when someone tried to install a skimming device on a store pump. A store employee noticed, called the authorities, and when the police arrived, they confiscated a slew of skimming supplies and a list of 100 more stores, many of them Maverik locations, the culprit was planning to hit.
This was likely a professional skimmer hired by a black-market organization to target stores. Mark Carl, CEO of ControlScan, explained to attendees that many of the data breaches seen in the news are perpetrated by groups like Fin7, a syndicate of professional hackers. “These guys go after any kind of financial information they can get,” Carl said.
They’re not just in the business of skimming, either. Anything from malware to phishing falls within their goals. “These are very sophisticated individuals, and there’s a whole bunch of them. You might ask how big they are. We have no idea, but they’re bigger than you are,” Carl said.
Carl cautioned that c-stores can easily fall victim to these groups, and warned attendees not to forget about the inevitable public relations fallout if any consumer data in their care is compromised by criminal groups such as Fin7.