The restaurant chain Landry’s recently disclosed a security incident with malware designed to harvest credit card data from 63 different bar and restaurant brands, including Claim Jumper, Rainforest Cafe, Morton’s Steakhouse, and others. Although the malware went unnoticed for nearly a year, the chain is confident that the amount of card data stolen was minimal. Landry’s was previously breached in 2016. In an attempt to prevent card theft in the future, an end-to-end-encryption solution was introduced on all POS (point of sale) systems. Although encryption was introduced for POS systems, no such feature was enabled for order entry systems used by wait staff that would also allow for payments to be made. The list of impacted restaurant brands and locations can be found on their website at https://www.landrysinc.com/PotentiallyInvolvedConcepts/.
Analyst Notes
Companies in the retail, hospitality or any other industry that accepts card payments through POS terminals should strongly consider installing end-to-end encryption solutions on all devices that can process payments. Encryption, when properly implemented, protects payment card data from being exploited by criminals even if it is stolen. It is also important to monitor endpoints, including servers, workstations and POS terminal computers, for malware and signs of attacker behaviors that can give an early warning of an attack. Customers who visited any of the affected restaurant brands between January and October of 2019 should visit https://www.landrysinc.com/PotentiallyInvolvedConcepts/ to view impacted locations. A statement from Landry’s can also be found on their site at https://www.landrysinc.com/CreditNotice/. Even though Landry’s is confident that few card numbers were stolen, it’s always a good idea to check bank statements for fraudulent transactions. If any fraudulent transactions are found, report it to the bank and work with them to close the affected card and request a new replacement card.
Source: https://www.zdnet.com/article/landrys-restaurant-chain-disclose-pos-malware-incident/