POS malware found at 160 Applebee's restaurant locations

[Cal Jeffrey]

Customer financial data may have been exposed at more than 160 Applebee’s locations across the U.S. Restaurant owner RMH Franchise Holdings, which has locations all over the United States, claims that it recently discovered malware on the point of sale (POS) terminals in its restaurants.

According to a report released by RMH, the malware may have exposed customer data to hackers. Information that could be at risk includes names, credit card numbers, expiration dates, and CVV (card verification value) numbers. So basically all the data needed to make fraudulent transactions over the phone or internet.

Locations were hit with the malware at varying times between November 2017 and January 2018.

“Upon learning of a potential incident, RMH promptly launched an investigation and obtained the help of leading cyber security forensics firms,” the company said. “Based on the experts’ investigation, RMH believes that unauthorized software placed on the point-of-sale system at certain RMH-owned and -operated Applebee’s restaurants was designed to capture payment card information and may have affected a limited number of purchases made at those locations.”

It is important to note that RMH has POS systems that are outside of the Applebee’s corporate network. Therefore only RMH franchises were affected.

The company claims that the threat has been contained and that only guests that paid at hostess stations or with their server were affected. Those that used self-pay tabletop devices or online were not exposed.

RMH has put up a list of locations on their website that will show the time window that each restaurant was at risk. They urge patrons to check this list to determine if they had a visit during the affected times and to take steps to protect themselves including notifying their bank of any fraudulent charges.

“Eating good in the neighborhood” has never been so risky.

Permalink to story.

https://www.techspot.com/news/73636-pos-malware-found-160-applebee-restaurant-locations.html

 

[Kibaruk]

With all the technology and security available nowadays this is quite baffling. Oddly enough I think that the states has the worst credit card culture and practices in America, on visits I am amazed at how common it is for them to take your card in order to pay elsewhere, and I'm not referring to a small town in the middle of nowhere, this happens in big cities. From where I come from we don't leave out CC unattended and if the service provider doesn't have a handheld device they will ask you to go pay at the cashier as they won't take your card out of your sight.

“Based on the experts’ investigation, RMH believes that unauthorized software placed on the point-of-sale system at certain RMH-owned and -operated Applebee’s restaurants was designed to capture payment card information and may have affected a limited number of purchases made at those locations.”

No shhh Sherlock.

 

[seefizzle]

At some point it's the retailer's fault. It's not as if they're not aware that something like this could happen. How many hundreds of millions of card numbers have been stolen from how many huge corporations? Stores need to secure their networks and there needs to be penalties for failures. All these Applebees should have their credit card processing abilities stripped or reduced in some way for a probationary period or something like that. Right now, there's no real accountability in this area. It's just a big 'oops', we're sorry, monitor your credit now for fraudulent activity. They won't even give you a gift card for the inconvenience.

 

[senketsu]

Well, I'm sure some Piece Of Sh*t Point Of Service hardware may not be up to the job. Perhaps they should consult the Las Vegas hotel/casinos. They know how to take your money without losing anything.