Skim Scam: Did Aldi Structure Invite 11-state Coordinated Attacks?
When a gang of
thieves physically tampers with point-of-sale systems, the tampering is usually
a local operation. But that may be changing. Discount grocer Aldi said October
1 it has found tampered payment-card readers in stores in 11 states, spread
from the East coast to Illinois. The retailer said the tampering was only in a
limited number of its 1,100 U.S. stores, and all those stores were clustered
near 10 cities — but the stolen data is being cashed out thousands of miles
away. Part of what made the $70 billion global grocery chain so successful
could be playing a key role in making it a cyberthief target today: The scarcity
of store employees. The 10 areas hit with tampering were Chicago; Indianapolis;
Pittsburgh; Philadelphia (including stores in New Jersey); Atlanta; Washington,
D.C. (including stores in Virginia and Maryland); Rochester, New York;
Hartford, Connecticut; Raleigh, North Carolina; and Charlotte, North Carolina.
The retailer said that the skimming devices were probably placed during June,
July and August.