The Briar Group has come forward with confirmation that customers at its eight Boston-area restaurants may have had their credit card data stolen.
Details on the security breach are limited but the company said the theft of credit card data “may have occurred from sometime in October 2013 to early November 2013.”
The Briar Group’s confirmation follows buzz that a number of residents and visitors to Boston in the middle of November suffered from credit card data theft.
“As soon as the Briar Group became aware that our restaurants – and therefore our customers – may have been a target of this crime, we undertook an immediate investigation into this issue. Today we are reporting that the Briar Group’s systems were indeed infiltrated. The investigation remains active and ongoing,” the company said in a statement.
The Briar Group owns and operates eight restaurants in Boston –Anthem, City Bar, City Table, MJ O’Connor’s, Ned Devine’s, Solas, The Green Briar and The Harp.
From the company’s statement:
- Based on the initial results of our investigation, we believe the unauthorized access to card data at our restaurants may have occurred from sometime in October 2013 to early November 2013. We are still working to determine the exact dates and will update this website when we learn more.
- Even if you visited one of Briar Group’s restaurants during this period, your credit card data may not have been stolen or used.
- However, we urge all of our customers during this period to monitor your credit card statements carefully for fraudulent charges. You should not be responsible for any unauthorized charges on your card; you can contact your card issuer for more information.
- We want to assure you that the Briar Group takes the security of the personal information and bank data of all of our customers seriously. For the past several years, we have been working with data service and security professionals McGladrey to assure that we meet or exceed industry standards in terms of data security. All of our systems are PCI compliant and updated regularly.
The company said it has worked with security experts to lock down its systems to determine if its payment system was hacked. However, it did not provide any details about the breach and whether malware was used to pilfer the data.
“We have been working closely with law enforcement officials and are providing them with all available information to support their effort to identify the criminals who undertook this act,” The Briar Group said.
Related Reading: PCI DSS 3.0 – The Impact on Your Security Operations
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
More from Ryan Naraine
- Tenable Launches $25 Million Early-Stage Venture Fund
- VMware Plugs Critical Code Execution Flaws
- GoTo Says Hackers Stole Encrypted Backups, MFA Settings
- Apple Patches WebKit Code Execution in iPhones, MacBooks
- Thoma Bravo to Buy Magnet Forensics in $1.3B Transaction
- T-Mobile Says Hackers Used API to Steal Data on 37 Million Accounts
- Chainguard Trains Spotlight on SBOM Quality Problem
- Exploited Control Web Panel Flaw Added to CISA ‘Must-Patch’ List
Latest News
- Russian Millionaire on Trial in Hack, Insider Trade Scheme
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data
- Russia-Linked APT29 Uses New Malware in Embassy Attacks
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment
- Critical Vulnerability Impacts Over 120 Lexmark Printers
- BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
