"Since July 2016, Visa has received reports of an ATM “Jackpotting” incident targeting ATMs in the Asia-Pacific region. To date, according to public reporting surrounding the incident investigation, four malware file names and three file hashes associated with the malware have been identified. Visa continues to analyze these indicators of compromise (IOCs) associated with this recent incident. While these IOCs are specifically associated with an investigation involving ATMs in the Asia-Pacific region, Visa notes that the methods employed by the criminals in this incident represent a broader criminal threat to ATM manufacturers/models worldwide and their deployers, as per Visa
Each and every size of the business that accepts credit and debit cards on-line or in-person needs to be compliant by PCI DSS. As from January 2017 this requirement will be mandatory to the smaller, level 4 merchants as well.
Business owners need to be aware about the business and financial impact in case of the breach where Visa will be giving a fine of 5,000 dollars monthly until the breach is fixed and the compliance will be achieved. Other card brands would provide with a similar fine in case of the breach and non-compliance.
Visa has highlighted two security issues regarding Magento vulnerabilities and PoSeidon POS malware in the attached data security alerts: