Videos

 SHARE THIS PAGE

 NEWSLETTERS

 CONTACT US

SUBMIT CONTENT

ADVERTISING

Fast food chain Arby's acknowledges breach.
Friday, 10th February 2017
Source : Brian Krebs ~ KrebsOnSecurity.com

Related News (Click title to read article)

IHG confirms card breach at US hotels.

Kimpton Hotels acknowledges data breach.

Data breach at Oracle's MICROS Point-of-Sale division.

Sources: Trump Hotels breached again.

Useful Links (Click company to visit)

Content Marketing
www.4hoteliers.com/editorial/28

Exclusive Marketing eBlasts
www.4hoteliers.com/editorial/71

Featured Events Listing in Global eNews
https://www.4hoteliers.com/editorial/80

Follow us on Twitter!
www.twitter.com/4hoteliers

Global Hotels for Sale
www.hotelsforsaleglobally.com

ITB Marketing Programs
www.4hoteliers.com/itb/newsarticle/651

Lifestyle Concepts Group ~ We Power Lifestyle Businesses
www.lifestyleconceptsgroup.com

Luxury Tented Villas - `Glamping`
www.hotelsforsaleglobally.com/hotels/glamping.php

Nonweiler Associates ~ Making technology Useful
www.nonweiler.com

Northside Consulting ~ Opening Experts
www.northside-consulting.com/

Online Marketing & Brand Awareness
www.4hoteliers.com/editorial/16

Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if I’d heard anything about a data breach at Arby’s fast-food restaurants; Asked about the rumors, Arby’s told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of its restaurant locations nationwide.

A spokesperson for Atlanta, Ga.-based Arby’s said the company was first notified by industry partners in mid-January about a breach at some stores, but that it had not gone public about the incident at the request of the FBI.

“Arby’s Restaurant Group, Inc. (ARG) was recently provided with information that prompted it to launch an investigation of its payment card systems,” the company said in a written statement provided to KrebsOnSecurity.

“Upon learning of the incident, ARG immediately notified law enforcement and enlisted the expertise of leading security experts, including Mandiant,” their statement continued. “While the investigation is ongoing, ARG quickly took measures to contain this incident and eradicate the malware from systems at restaurants that were impacted.”

Arby’s said the breach involved malware placed on payment systems inside Arby’s corporate stores, and that Arby’s franchised restaurant locations were not impacted.

Arby’s has more than 3,330 stores in the United States, and roughly one-third of those are corporate-owned. The remaining stores are franchises. However, this distinction is likely to be lost on Arby’s customers until the company releases more information about individual restaurant locations affected by the breach.

“Although there are over 1,000 corporate Arby’s restaurants, not all of the corporate restaurants were affected,” said Christopher Fuller, Arby’s senior vice president of communications. “But this is the most important point: That we have fully contained and eradicated the malware that was on our point-of-sale systems.”

The first clues about a possible breach at the sandwich chain came in a non-public alert issued by PSCU, a service organization that serves more than 800 credit unions.

The alert sent to PSCU member banks advised that PSCU had just received very long lists of compromised card numbers from both Visa and MasterCard. The alerts stated that a breach at an unnamed retailer compromised more than 355,000 credit and debit cards issued by PCSU member banks.

“PSCU believes the alerts are associated with a large fast food restaurant chain, yet to be announced to the public,” reads the alert, which was sent only to PSCU member banks.

Arby’s declined to say how long the malware was thought to have stolen credit and debit card data from infected corporate payment systems. But the PSCU notice said the breach is estimated to have occurred between Oct. 25, 2016 and January 19, 2017.

Such a large alert from the card associations is generally a sign of a sizable nationwide breach, as this is likely just the first of many alerts Visa and MasterCard will send to card-issuing banks regarding accounts that were compromised in the intrusion. If history is any lesson, some financial institutions will respond by re-issuing thousands of customer cards, while other (likely larger) institutions will focus on managing fraud losses on the compromised cards.

The breach at Arby’s comes as many credit unions and smaller banks are still feeling the financial pain from fraud related to a similar breach at the fast food chain Wendy’s. KrebsOnSecurity broke the news of that breach in January 2016, but the company didn’t announce it had fully removed the malware from its systems until May 2016. But two months after that the company was forced to admit that many Wendy’s locations were still compromised.

B. Dan Berger, president and CEO of the National Association of Federal Credit Unions, said the number of cards that PSCU told member banks were likely exposed in this breach is roughly in line with the numbers released not long after news of the Wendy’s breach broke.

“That’s probably one of the biggest numbers I’ve heard.”
“Hundreds of thousands of cards is a big number, and with the Wendy’s breach, the alerts we were getting from Visa and MasterCard were in the six-digit ranges for sure,” Berger said. “That’s probably one of the biggest numbers I’ve heard.”

Berger said the Wendy’s breach was especially painful because the company was re-compromised after it scrubbed its payment systems of malicious software. Many banks and credit unions ended up re-issuing customer cards several times throughout last year after loyal Wendy’s customers re-compromised their brand new cards again and again because they routinely ate at multiple Wendy’s locations throughout the month.

“We had institutions that stopped approving debit and credit transactions through Wendy’s when they were still dealing with that breach,” Berger said. “Our member credit unions were eating the costs of fraud on compromised cards, and on top of that having to re-issue the same cards over and over.”

Point-of-sale malware has driven most of the major retail industry credit card breaches over the past two years, including intrusions at Target and Home Depot, as well as breaches at a slew of point-of-sale vendors. The malware sometimes is installed via hacked remote administration tools like LogMeIn; in other cases the malware is relayed via “spear-phishing” attacks that target company employees. Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register.

Thieves can then sell that data to crooks who specialize in encoding the stolen data onto any card with a magnetic stripe, and using the cards to purchase high-priced electronics and gift cards from big-box stores like Target and Best Buy.

Readers should remember that they’re not liable for fraudulent charges on their credit or debit cards, but they still have to report the unauthorized transactions. There is no substitute for keeping a close eye on your card statements. Also, consider using credit cards instead of debit cards; having your checking account emptied of cash while your bank sorts out the situation can be a hassle and lead to secondary problems (bounced checks, for instance).

Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators. He was recently profiled in Business Week and by Poynter.org.

www.krebsonsecurity.com

Latest News (Click title to read article)

Kerzner accelerates growth of SIRO, with properties set for Los Cabos & Riyadh
Thursday, 2nd May 2024

SITA unveils latest evolution in total airport management
Wednesday, 1st May 2024

AirPlay is now available in select IHG Hotels
Tuesday, 30th April 2024

Hotel rates slow, Asia reviews the costs of travel
Tuesday, 30th April 2024

Rivalry brewing in the Kingdom of Saudi Arabia
Tuesday, 30th April 2024

Latest Articles (Click title to read)

Asia’s Green Transition: Renewables in the Built Environment
Thursday, 2nd May 2024

Global eNewsletter of April 30, 2024
Tuesday, 30th April 2024

Deciphering the Plethora of Hotel Ratings and Rankings: Who needs them?
Tuesday, 30th April 2024

Why More Companies Are Opening Office Doors to Dogs
Tuesday, 30th April 2024

Global eNewsletter of April 29, 2024
Monday, 29th April 2024

Most Read Articles (Click title to read)

Global Update: Who's Where and Doing What - February 2024

Step Back in Time at Asia's Grand Heritage Hotels

Revenue Management Culture

The New Ways Companies are Investing in Employee Wellbeing

Why the Defeatist Attitude Toward Direct Online vs OTA Bookings?

~ Important Notice ~
Articles appearing on 4Hoteliers contain copyright material. They are meant for your personal use and may not be reproduced or redistributed. While 4Hoteliers makes every effort to ensure accuracy, we can not be held responsible for the content nor the views expressed, which may not necessarily be those of either the original author or 4Hoteliers or its agents.

Use of this web site is subject to our
terms & conditions of service and privacy policy