Applebees Infected By POS Malware, Customer Data Exposed

969

News broke yesterday that US restaurant giant Applebees had been infected with POS malware at up to160 locations, leading to the credit card data of customers to be breached. Giovanni Vigna, CTO and Co-Founder at Lastline commented below.

Lisa Baergen, Director at NuData Security Inc.:

 “Cybercriminals are being increasingly successful at finding weaknesses in Point-of-Sale (PoS) systems. In this case, 160 restaurants were hit by bad actors trying to steal credit card information. Restaurants and other hospitality industries must continuously monitor PoS devices and distribute patches regularly.

“On the other side, to combat online fraudulent transactions after the credit card information has been stolen, businesses offering services in the card-not-present (CNP) channel need to identify customers using multi-layered technologies that include passive biometrics. This technology monitors the user’s inherent behaviour, making it impossible for hackers to replicate or steal.

Leveraging a fully integrated multi-layered security approach that includes passive biometrics is an effective way to make stolen information valueless to the hacker and help stop fraud.”

Giovanni Vigna, CTO and Co-Founder at Lastline:

“Attacks against food chain restaurants are particularly effective, as the malware can reach many locations by spreading through the restaurant’s internal network.
In addition, the transaction pace for this type of businesses is particularly high, allowing the criminal to access a substantial amount of information.”

In this article