[BreachExchange] On The Border suffers potential cybersecurity incident with payments

[Destry Winant]

https://www.bizjournals.com/dallas/news/2019/11/26/on-the-border-suffers-potential-cybersecurity.html

On The Border Grill & Cantina is grappling with a potential
cybersecurity incident.

The Dallas-based Mexican restaurant chain said the company is
investigating a security incident that involves a payment processing
system that’s used at some of its restaurants. On Nov. 14, it
determined some card information was accessed through malware, it said
in a statement Tuesday.

“Our company has retained a leading forensics firm and is conducting
an investigation to determine the extent to which information in On
the Border's system has been impacted,” it said in the release. “We
are cooperating with law enforcement and have also notified payment
card networks of the investigation.”

Companies are facing rising challenges around cybersecurity as hackers
get more aggressive and cunning with their attacks. Last year, the
number of overall business detections of malware rose 79 percent,
according to a reportby Malwarebytes.

Another restaurant chain with ties to North Texas, Chili’s, warned
customersof a possible breach last year. The company, which is owned
by Dallas’ Brinker International Inc. (NYSE: EAT), said payment card
information was accessed or acquired.

On The Border has more than 150 restaurants in 32 states, Puerto Rico
and Asia, as of last year.

The security incident may have involved payment cards processed at
some restaurants between April 10 and Aug. 10, it said. Not all On The
Border restaurants were affected.

The incident involved restaurants in more than 25 states, including
Texas, New York and Oklahoma.

The attack affected credit card information, and that could include
names, card numbers, expiration dates and verification codes. The
company immediately went to work to fix the issue after learning about
it, On The Border said.

“We regularly update and strengthen our systems and processes to help
prevent unauthorized access,” it said on its website. “As part of our
ongoing commitment to protecting guest information and privacy, we are
working with leading partners in cybersecurity to strengthen and
enhance the security of our systems as we go forward.”