Case Study: Global Gas Station Retailer limits credit-card skimmer impact and protects customers with Palo Alto Networks Unit 42

Retailer evaluates impact of credit card skimming attack with analysis from Unit 42

A global gas station retailer discovered a Bluetooth-enabled credit card skimmer mounted on a POS PIN pad after a manager spotted it on surveillance footage. Concerned about customer privacy and brand reputation, the company removed the device and engaged Palo Alto Networks Unit 42 to determine the scope, timeline, and potential need for customer notification.

Unit 42’s digital forensics team dismantled the skimmer, built a custom jig to access its Bluetooth module, and extracted the storage chip to recover cardholder data and transaction timestamps. Their analysis showed only a few dozen cards were compromised, enabling targeted bank notifications, limited customer impact, and timely card replacements—while also giving the retailer clear forensic findings, remediation steps, and improved defenses against future skimmer attacks.