Eftpos supplier North County Business Products has been hit by a malware attack that infected the sites of 136 clients across the US and lifted comprehensive payment card details from shoppers.

Over a three-week period, the malware collected credit and debit card information, including the cardholder’s name, credit card number, expiration date, and CVV.

NCBP has opened a dedicated helpline for individuals affected by the breach and recommends that consumers shopping at the afflicted stores cancel their cards, notify their banks and impose a freeze on their credit file.