WSET.com - ABC13Hackers Steal Credit Card Information From Amherst Co. Store

Amherst Co., VA - Dozens of people have had their credit card information stolen in Amherst County over the past three months. But the suspects are thousands of miles away.

The sheriff's office says the one common thread between the more than 100 thefts is the Country Corner Market in Madison Heights.

But they say no employees at the store are to blame because a computer network was hacked, allowing a program to send all of the numbers to several locations overseas.

Store owners have now made security upgrades.

PRESS RELEASE

The Amherst County Sheriff's Office has been investigating a series of Credit Card Number Thefts occurring in the county over the past 90 days, involving well over 100 compromised cards.

Investigators were able to determine that the credit card numbers were all compromised at a single business in the county, the Country Corner Market. Through the investigation it was discovered that the business' computer network had been compromised by a very sophisticated Trojan / program. This particular Trojan allowed remote users to install another sophisticated program that collected credit card numbers as they passed through the cash register program. This computer program and its subsequent data dumps were traced to several overseas locations.

As a result of this investigation, the store's network system was upgraded and is no longer felt to be vulnerable to outside attack.

Sheriff's Office Investigators have worked very closely with the owners of the Country Corner Market and the affected financial institutions. Further assistance was provided by the Central Virginia Computer Crimes Task Force and the U.S. Secret Service.

This incident involved victims from throughout the area and is not confined to Amherst County. As with most credit card fraud cases, the final victim in these cases is the financial institution as they bear the costs of fraudulent activity.

This incident was not made public as the investigators had to rule out any local suspects. At this time it has been satisfactorily determined that the suspect(s) reside overseas and that access to the compromised computer system has been blocked.