Malware data breach hits Avanti micro market kiosks; company urges customers to protect private information

| by Elliot Maras
Malware data breach hits Avanti micro market kiosks; company urges customers to protect private information

Photo courtesy of iStock.

Avanti Markets, a provider of self-serve break room kiosks to thousands of locations in 46 states, reported that malware attacked a number of kiosks on July 4 and has advised customers to take action to prevent identity theft. The company has not yet confirmed the cause of the attack, but said the attackers utilized malware to gain access to customers' personal information from some kiosks.

A notice on the company website from John Reilly, company president, said the malware was designed to gather payment card information, including the cardholder's first and last name, credit/debit card number and expiration date. Users of the company's Market Card option could also have had their names and email addresses compromised, as well as their biometric information if they used the kiosk's biometric verification option.

The company has taken steps to secure its information systems, including changing passwords and other measures.

Cyber security firm confirms attack

RiskAnalytics, a cyber security firm, reported in a blog that its ThreatSweep platform at about 6 a.m. on July 4 determined that a break room kiosk at a customer's office had been infected with a point-of-sale malware called PoSeidon and FindPOS.

RiskAnalytics reported that kiosks operated by certain Avanti Markets operators were impacted. Kiosks operated by at least two operators were impacted in two different cities, the security firm reported, but it is not naming the operators since it has not been able to contact them directly.

Avanti Markets stated on its website that it has retained a forensic investigation firm and outside legal counsel to assist with its investigation, and has notified the FBI and other law enforcement agencies. Payment processing has been discontinued at some locations and the company is working with its operators to purge affected systems of malware.

Number of affected kiosks uncertain

Reilly told Q13 Fox he doesn't know the exact number of kiosks affected, but he estimated the breach affected about 20 percent of the company's kiosks. He said the breach would only have affected machines with older style card readers. The company has been retrofitting kiosks over the past three months, he said. Customers purchasing items at newer kiosks or using a thumb print reader would not have been affected by the breach.

Out of 63 Avanti Market kiosks in South-Central Washington state, only four kiosks were reported to be affected, according to The Yakima Herald-Republic. Gary Kruger, information technology manager for Dolsen Cos., parent company for Coca-Cola Bottling Co. of Yakima & Tri-Cities, which installs and services Avanti Markets in the region, said there were most likely few if any affected transactions in the four affected kiosks. Since all four of the locations were closed for the Fourth of July holiday, there were likely few or no affected transactions, Kruger said.

Avanti Markets stated on its website that it will make credit monitoring services available at no cost to those individuals whose personal information has been compromised.

The company is also setting up a call center that will be available to answer questions about the incident.

In addition, the company is implementing an end-to-end encryption solution for all kiosks. 

Payment card users urged to act

Payment card users are urged to take one or more of the following steps to prevent identity theft.

  • Add a fraud alert statement to the credit file at all three national credit reporting agencies: Equifax, Experian and TransUnion. Avanti Markets has alerted creditors of possible fraudulent activity and requests that they contact the customer prior to establishing any accounts in their name.
  • Place a "security freeze" on credit accounts. This means the credit account cannot be shared with potential creditors. Credit reporting agencies charge a $5 fee to place or remove a security freeze unless the person provides proof that they are a victim of identity theft, in which case there is no fee. A copy of a police report, an investigative report or written FTC complaint documenting identity theft must be included to avoid a fee.
  • Request a free credit report by going to 
  • Contact the Federal Trade Commission, the state attorney general's office and law enforcement if identity theft has occurred.

Topics: Repair / Service, Retail, Self-Checkout

Elliot Maras
Elliot Maras is the editor of and

Sponsored Links:

Related Content

Latest Content

Get the latest news & insights





Haptic technology: how it will unlock the potential of touch in self-serve kiosks