Tuesday, December 3, 2024
HomeData BreachPOS Malware Steals Users Payment Card Details from Checkers Drive-In Restaurants

POS Malware Steals Users Payment Card Details from Checkers Drive-In Restaurants

Published on

SIEM as a Service

The Checkers and Rally’s Restaurants, Inc disclosed a security breach that involved with malware on point-of-sale terminals which allowed hackers to steal payment data.

Checkers and Rally’s restaurants operate in 28 states, and it is one of the largest double drive-thru restaurants in the United States. The company operates nearly 900 restaurants across the country.

According to the companies investigation, they determined malware was installed on approximately 15% of restaurants point-of-sale systems and an unauthorized third party accessed the customer payment card details.

- Advertisement - SIEM as a Service

The malware was designed to collect the following information form payment cards that include cardholder name, payment card number, card verification code, and expiration date.

“After discovering the issue, we quickly engaged leading data security experts to conduct an extensive investigation and coordinated with affected restaurants and federal law enforcement authorities to address the matter.”

Out of 900 restaurants, 102 being impacted with the security breach, you can find the list of the impacted locations and their respective estimated dates of exposure is available here.

Most of the affected restaurants in the list are between 2018 and 2019, some of them in 2017 and 2 restaurants since 2016.

“Not all Checkers and Rally’s restaurants and not all guests who visited the impacted restaurants during the relevant time periods were affected by this issue,” reads breach report.

“Checkers encourages guests to review their account statements and contact their financial institution or card issuer immediately if they identify an unauthorized charge on their card.”

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

U.S. Charges China-Based Hacking Group for Massive 2015 Anthem Data Breach that Affected 78 Million People

Top Reasons Let Hackers Compromise the Healthcare Industry that Leads to Data Breaches

Bodybuilding.com Data Breach, Resulting from Phishing Attack Via Email

5 Best Workplace Practices To Prevent Data Breach

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By...

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

Researchers Detailed New Exfiltration Techniques Used By Ransomware Groups

Ransomware groups and state-sponsored actors increasingly exploit data exfiltration to maximize extortion and intelligence...

Massive Credit Card Leak, Database of 1,221,551 Cards Circulating on Dark Web

A massive data breach has sent shockwaves across the globe, as a database containing...