In November 2019, the company disclosed that malware had been discovered on some of their point-of-sale devices at some locations. The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date and internal verification code) read from a payment card as it was being routed through these POS devices.
Not all POS devices were infected, the company pointed out that it uses two different POS devices at its locations, one that is brought to customer's table by waitstaff and stationary ones at the bar and where the waitstaff enter orders. The portable POS devices were confirmed not affected because they utilized point-to-point encryption.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We've done the analysis so you can make the decisions