[BreachExchange] POS Malware Steals Users Payment Card Details from Checkers Drive-In Restaurants

Destry Winant destry at riskbasedsecurity.com
Fri May 31 10:17:18 EDT 2019


https://gbhackers.com/pos-malware-steals-users-payment-card-details-from-checkers-drive-in-restaurants/

The Checkers and Rally’s Restaurants, Inc disclosed a security breach
that involved with malware on point-of-sale terminals which allowed
hackers to steal payment data.

Checkers and Rally’s restaurants operate in 28 states, and it is one
of the largest double drive-thru restaurants in the United States. The
company operates nearly 900 restaurants across the country.

According to the companies investigation, they determined malware was
installed on approximately 15% of restaurants point-of-sale systems
and an unauthorized third party accessed the customer payment card
details.

The malware was designed to collect the following information form
payment cards that include cardholder name, payment card number, card
verification code, and expiration date.

“After discovering the issue, we quickly engaged leading data security
experts to conduct an extensive investigation and coordinated with
affected restaurants and federal law enforcement authorities to
address the matter.”

Out of 900 restaurants, 102 being impacted with the security breach,
you can find the list of the impacted locations and their respective
estimated dates of exposure is available here.

Most of the affected restaurants in the list are between 2018 and
2019, some of them in 2017 and 2 restaurants since 2016.

“Not all Checkers and Rally’s restaurants and not all guests who
visited the impacted restaurants during the relevant time periods were
affected by this issue,” reads breach report.

“Checkers encourages guests to review their account statements and
contact their financial institution or card issuer immediately if they
identify an unauthorized charge on their card.”


More information about the BreachExchange mailing list