Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Over 50 Islands Restaurants Hit by Payment Card Breach

California-based burger chain Islands Restaurants recently informed customers that it had identified a piece of malware on the point-of-sale (PoS) systems used for payment card transactions at its restaurants.

California-based burger chain Islands Restaurants recently informed customers that it had identified a piece of malware on the point-of-sale (PoS) systems used for payment card transactions at its restaurants.

There are over 50 Islands restaurants in California, Arizona, Nevada and Hawaii, and a vast majority of them appear to have been impacted.

Based on the investigation conducted by Islands and a computer forensics company, the malware was present between February 13, 2019, and September 27, 2019, but the exact time frame varies from one restaurant to another.

However, the company has pointed out, “Not all restaurants were involved, and for some restaurants some but not all devices were involved. And at many of the restaurants involved, card data was not successfully obtained during certain weeks in March 2019. So, it is possible that not every card used at a restaurant during the time frame involved was found by the malware.”

An online tool has been made available to allow customers to check if they may be impacted by this incident based on the location of the restaurant and the time frame when the malware was present.

The malware used by the cybercriminals was apparently designed to steal data stored on a card’s magnetic stripe as it went through the system. This includes cardholder name, card number, its expiration date, and verification code. Islands has determined that in some cases the malware failed to obtain the cardholder name.

Islands says it has notified law enforcement and payment card networks, and it has been working with cybersecurity solutions providers to improve the security of its payment and other systems.

Several major restaurant companies informed customers of payment card breaches in the past year, including On The BorderChurch’s ChickenCatchFocus Brands (Moe’s, McAlister’s and Schlotzsky’s), Checkers Drive-In RestaurantsEarl EnterprisesHuddle House, Chili’sApplebee’s, and Cheddar’s Scratch Kitchen.

Advertisement. Scroll to continue reading.
Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

Cloud and container security firm Sysdig has tapped William Welch as CEO on its path to an IPO.

Dave Scher has been promoted to Deputy Chief Information Officer at MITRE.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.