Visa’ security analysts discovered two incidents where the attackers planted malware within merchants corporate networks. In some cases, the attackers moved laterally through the networks and targeted internet-connected point-of-sale machines at gas pumps to scrape unencrypted credit and debit card data. In November, Visa issued a similar alert about a growing number of attacks targeting fuel dispenser merchants by compromising networks instead of individual fuel pumps. Some victims did not appear to be in compliance with PCI Data Security Standard regulations.”]
Source: https://www.govinfosecurity.com/visa-gas-station-networks-targeted-to-steal-card-data-a-13507