In November 2019, the company disclosed that malware had been discovered on some of their point-of-sale devices at some locations. The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date and internal verification code) read from a payment card as it was being routed through these POS devices.
Not all POS devices were infected, the company pointed out that it uses two different POS devices at its locations, one that is brought to customer's table by waitstaff and stationary ones at the bar and where the waitstaff enter orders. The portable POS devices were confirmed not affected because they utilized point-to-point encryption.
Want to discuss this case? We're offering a FREE 20 minute phone consultation to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We offer a range of cost-effective, fixed-price training programmes and consultant services derived from the unique insights gained from all our case study data.
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.
We've done the analysis so you can make the decisions