Brian Krebs reports:
An investigation into a string of credit card breaches at dozens of car wash locations across the United States illustrates the challenges facing local law enforcement as they seek to connect the dots between cybercrime and local gang activity that increasingly cross multiple domestic and international borders.
Read more on KrebsOnSecurity.com.
Some of the car washes were using the same point-of-sale (POS) system, with an older version of pcAnywhere enabled and the default login. As Brian notes, and has been reported on this blog more times than I can count:
Whether the crooks are exploiting software vulnerabilities or weak/default credentials in this case, security experts routinely advise companies to avoid using remote administration tools on point-of-sale devices — or else to severely lock them down with strong passwords and other restrictions. One stubbornly static finding in data-breach reports published annual by Verizon, Trustwave and other companies that get hired to investigate breaches involving card data is that far too many point-of-sale breaches start when the thieves abuse some kind of remote access tool installed on the point-of-sale device itself.