Cyber Incident Victim: Fred's Inc.

In March 2015, an unauthorized individual gained access to two payment processing servers at Fred's Inc., operator of Fred's Super Dollar stores. The intruder installed a malicious program on both servers on March 23, designed to copy payment card data as transactions were routed through these systems following card swipes at point-of-sale terminals. The program captured Track 2 card data, which includes primary account numbers, expiration dates, and card verification codes. The first server ceased transmitting compromised data on April 8, while the second server continued operating with the malicious program until April 24. During this 33-day period, payment card transactions from hundreds of Fred's stores were exposed to potential interception as they passed through the compromised infrastructure. The breach impacted stores across 14 states in the Southern and Midwestern United States.

Fred's Inc. publicly confirmed the security incident in August 2015 after containing the breach. The company's investigation revealed that approximately half of their stores processed transactions through each compromised server, creating two distinct exposure windows. No specific victim count was disclosed, though the scope included hundreds of retail locations operating in Alabama, Arkansas, Florida, Georgia, Illinois, Kentucky, Louisiana, Missouri, Mississippi, North Carolina, Oklahoma, South Carolina, Tennessee, and Texas. In response, Fred's engaged law enforcement authorities to support a criminal investigation and coordinated with payment card networks to address potential fraud. The company implemented enhanced security measures across its systems but did not specify the technical nature of these improvements. Transaction routing through the affected servers was permanently discontinued following the discovery of the breach.