430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Champagne Bakery Cafe and Islands burger chain disclose payment card breaches

The news of two new payment card breaches made the headlines, the victims are the Islands restaurant chain and Champagne French Bakery Cafe. The new restaurant chains with locations across the U.S. disclosed payment card breaches, in both cases, attackers used PoS malware to capture card data stored in the magnetic stripe. Exposed data includes […]

Landry’s card breach

The news of two new payment card breaches made the headlines, the victims are the Islands restaurant chain and Champagne French Bakery Cafe.

The new restaurant chains with locations across the U.S. disclosed payment card breaches, in both cases, attackers used PoS malware to capture card data stored in the magnetic stripe.

Exposed data includes cardholder name, card number, expiration date, and internal verification code.

A PoS-malware infected 60 restaurants of the Burger chain Islands in California, Arizona, Hawaii, Nevada, and other locations.

“Islands Restaurants was alerted to a potential payment card issue, immediately started an investigation, and took steps to end unauthorized access to our payment card network.” reads the data breach notice issued by the Burger Chain. “A leading computer forensic firm was engaged, and a thorough investigation was conducted to determine what occurred and what restaurant locations and time frames were involved. Islands notified the card networks and provided information to support an investigation by law enforcement.”

According to Burger chain Islands Restaurants, the incident took place earlier this year, but the timeframe of the incident varies by store location. The malware was active between February 18, 2019, and September 27, 2019.

The list of affected locations is available here, not all restaurants were impacted, and for some affected restaurants only some devices were infected. The company informed its customers that the malware has been removed from all locations.

Customers should remain vigilant to the possibility of fraud by reviewing their payment card statements for any unauthorized activity. 

Champagne French Bakery Café also disclosed a payment card breach that involved a point-of-sale malware. The malicious code allowed crooks to capture cardholder name, card number, expiration date, and internal verification code.

“Champagne French Bakery Café was alerted to a potential payment card issue, immediately started an investigation, and took steps to end unauthorized access to our payment card network.” reads the data breach notification published by the company.

“Over the general time frame of February 13, 2019 to September 27, 2019, malware was installed on certain point-of-sale devices in Champagne Bakery restaurants that were used for payment card transactions. The time frames involved vary by restaurant.”

The company states that for 7 of the 8 restaurants involved, the malware failed in obtaining the payment card data in certain weeks in March 2019.

The company confirmed that the PoS malware has been removed from all its systems at the impacted locations.

Both Champagne and Islands companies did not provide free identity protection and credit monitoring services.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Islands, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]