According to Wired, the security of the EPOS source code at Wal-Mart was hacked as far back as 2005 by a group of East European hackers, and loaded onto servers, also in Eastern Europe.
Wired made the interesting point as to whether major US retailers have been adequately complying with payment card data security standards that have been in place for nearly a decade.
The IT news portal said that, because no customer data was tampered with, Wal-Mart did not publicly disclose the breach, but did report the event to federal law enforcement officials.
According to US newswire reports, Wal-Mart engineers discovered the security of their system had been hacked into by a computer in Belarus after finding password-cracking code embedded in one of their firm's US servers.
When the hacker tried to activate the password-cracking tool, the server reportedly crashed, raising a security red flag triggering the discovery.
Because the Wal-Mart servers only track failed login attempts, not successful ones, Wired said it is impossible to know how many machines the hacker accessed.