Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Malware Found on Payment System Used by On The Border Restaurants

Tex-Mex restaurant chain On The Border has informed customers this week that their payment card information may have been stolen by hackers.

Tex-Mex restaurant chain On The Border has informed customers this week that their payment card information may have been stolen by hackers.

The breach was discovered on November 14 and at this point in the investigation the company believes the incident impacts restaurants in 27 states, including Arizona, Arkansas, Colorado, Connecticut, Florida, Georgia, Illinois, Indiana, Iowa, Kansas, Maine, Maryland, Massachusetts, Michigan, Mississippi, Missouri, New Jersey, New York, North Carolina, Ohio, Oklahoma, Pennsylvania, Rhode Island, South Carolina, Tennessee, Texas and Virginia.

The evidence uncovered so far suggests that the malware may have stolen cards processed at affected restaurants between April 10, 2019, and August 10, 2019.

There are over 150 On The Border restaurants in the United States and not all of them appear to be impacted, but the company has yet to provide a list of locations that were hit. Customers have been told that the incident does not affect its franchised locations or orders made through food delivery apps such as Uber Eats, DoorDash and Grubhub.

According to the company, the malware may have stolen information such as cardholder name, card number, expiration date, and card verification code. Dates of birth, social security numbers or guest identification numbers are not collected by the restaurant.

“We have notified the payment card networks and law enforcement of this incident and we are cooperating with each of their investigations,” On The Border said in a statement.

Argonne Capital Group, the private investment firm that owns On The Border, also owns the fast food restaurant chain Krystal, which also disclosed a payment card breach recently.

Krystal revealed in late October that hundreds of its restaurants were affected by a security incident that involved payment processing systems. The company said hackers may have obtained information from cards used between July and September 2019.

Advertisement. Scroll to continue reading.

It’s unclear if there is any link between the breaches suffered by On The Border and Krystal. SecurityWeek has reached out to Argonne to see if the company can confirm or deny a possible link.

Several major restaurant companies informed customers of payment card breaches in the past year, including Church’s Chicken, CatchFocus Brands (Moe’s, McAlister’s and Schlotzsky’s), Checkers Drive-In RestaurantsEarl EnterprisesHuddle House, Chili’sApplebee’s, and Cheddar’s Scratch Kitchen.

Security blogger Brian Krebs reported on Tuesday that someone is offering to sell four million stolen credit and debit cards on a major underground cybercrime website called Joker’s Stash, and the cards appear to have been obtained as a result of the Focus Brands and Krystal breaches.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

SpecterOps has appointed Tim Bender as CFO, Pat Sheridan as CRO, and Bryce Hein as CMO.

CISA has officially announced the appointment of Madhu Gottumukkala as its new deputy director.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.