Shoney’s Restaurant Suffers Large Data Breach Across 37 Locations

Media Division | April 18, 2017

Being that credit and debit cards are such a widely used form of payment, a multitude of organizations across the planet hold large amounts of card data within their systems.  Unfortunately, this information is, of course, going to be a high-value target for cyber attackers.  There have been many different instances of organizations being breached for the purpose of purloining card information, including other restaurants like Arby’s and Wendy’s.  Shoney’s restaurant chain has now become one of the most recent victims of this type of attack.

Best American Hospitality Corporation, the company that operates Shoney’s acknowledged last week that 37 of the restaurants had suffered a data breach that affected credit card information.  They said that the breach initially began in late December and was then contained in early March.  The breach affected corporate locations in South Carolina, Georgia, Virginia, Louisiana, Missouri, Mississippi, Florida, Alabama, Arkansas, and many in Tennessee.  According to their statement, they had received a report that some cards used at some Shoney’s restaurants had been stolen.  In response to the report, they hired Kroll Cyber Security, LLC to investigate the incident and review the security of their card processing systems in all of their restaurants.

Malware Discovered as the Culprit

Kroll was able to discover that malware had been remotely installed on credit card processing point of sale (POS) equipment in the restaurants.  Once the systems had been infected, the malware would search for data from cards that were run through payment processing.  It appears that the malware was able to obtain credit card numbers and cardholder names in many cases, but in others was not able to obtain the name.  There has been no information released as to how the malware was able to be initially installed on the systems.  Best American has advised those affected to report any suspicious activity to their card issuer.

In cases of cyber attacks like this, the hacker does not always immediately use the card information.  They may lie in wait for quite some time before deciding to use the cards for purchases.  There are also cases where they will not use the cards directly themselves, but rather sell the information that they were able to obtain on the black market.  In the event of a card breach, it is often a good idea to simply get a new card and destroy the old one.  In fact, many banks will immediately issue new cards to those affected by a breach, even if there has been no suspicious activity detected yet. This is a valuable security measure, as it helps to prevent customers from becoming the victims of any fraudulent charges.

Protecting From Malware Attacks Through Anti-Phishing Solutions

While there was no official information released as to the infection method used, malware infections are commonly accomplished through phishing attacks.  Phishing tends to be one of the most common forms of cyber attacks, simply because it is easy for attackers to create and launch these campaigns.  Plus, a large amount of people continue to fall for them.  Being that they are so prominent, it is important that organizations are properly protected against them, as well as able to effectively respond in the event of a successful breach.  A single phishing email can lead to the infection of entire systems and networks.  Through proper anti-phishing solutions, an organization can typically protect from attacks, and in the event that one is successful, they can mitigate the incident and eliminate the campaign.  Massive Alliance offers excellent anti-phishing solutions to help protect organizations from these types of attacks.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.