First reported by WOKV.com, agents with the FBI and DHS raided the Florida warehouse of PAX Technology. The point of sale technology giant is linked to reports of possible cyberattacks on U.S. and E.U. organizations where the technology is used.

Along with ongoing global computer chip shortages, the timing of the investigation is particularly concerning for retailers and payment processing companies preparing for the holiday season.

FBI Raids PAX, Where POS Devices Are Potentially Compromised

KrebsOnSecurity offered further detail, saying they “heard from a trusted source that the FBI began investigating PAX after a major U.S. payment processor started asking questions about unusual network packets originating from the company’s payment terminals.”

The source revealed that the PAX terminals were being used both as a central location for malicious files (also known as malware “droppers”). This allows payment technology to act as a staging ground for large-scale cyberattacks focused on collecting information such as consumer credit card data.

“FBI and MI5 are conducting an intensive investigation into PAX,” the source said. “A major US payment processor began asking questions about network packets originating from PAX terminals and were not given any good answers.”

Major financial providers (including FIS Worldpay as reported by Bloomberg) have already begun pulling PAX terminals from their payment infrastructure.

FIS Worldpay confirmed that it no longer deploys PAX point-of-sale devices “because it did not receive satisfactory answers from PAX regarding its POS devices connecting to websites not listed in their supplied documentation.”

“While we have no evidence that data running through PAX POS devices has been compromised, we have been working directly with clients to replace those devices with other options at no cost to them and with as little disruption to their business as possible,” FIS Worldpay states. “The spokesperson said fewer than 5% of Worldpay clients currently use PAX point-of-sale devices.”

While specific details about the strange network activity that prompted federal investigators are unknown, the investigation remains active and ongoing.

It’s worth noting that POS terminals and the technology that supports them are often a primary target for malware and criminal attacks.

It is not uncommon for payment terminals to be compromised remotely by malicious software and made to collect and transmit stolen information. Notable point of sale breaches include Heartland Payment Systems (100 million payment cards affected in 2008) as well as the Target and Home Depot thefts of roughly another 100 million credit cards in 2014.

PAX Technology’s Official Response to Cyberattacks

The Shenzhen-based company is quoted in Reuters with the following statement:

“As far as the board is aware … there has neither been any reported cyberattack incidents nor cyber attack complaints, including any breach of security protocols, against PAX products and services anywhere in the world.”

PAX’s statement to the stock exchange in Hong Kong as well as a press release on the company’s blog provide further perspective. Trading of the company’s shares resumed on November 1 after a temporary halt.

At Barcodes, Inc., cybersecurity is our primary concern when we procure and deploy POS technology. We encourage you to contact us if you have any questions or if you’re interested in replacing your PAX technology.

Lately we have been hearing more and more cases of retailers having their point-of-sale and payment processing systems being compromised putting their customer’s personal information in the wrong hands. Keeping your POS system secure is critical with today’s common use of online and mobile shopping which have opened up new types of security risks.

This infographic sheds some light the new security challenges retailers are facing today and how there is still a lot of room to improve.