Arby’s Cash Registers Found To Have Malware; More Than 350,000 Credit/Debit Cards Affected
Writer and security researcher Brian Krebs first made mention of the incident and said hundreds of the chain’s stores could have been affected. The only restaurants affected by the incident are ones the Atlanta, Ga. company own; franchises are not a part of the breach.
According to Arby’s Restaurant Group, it’s looking into the payment card systems after they learned of a potential data breach. The company has made law enforcement aware of the situation, and it’s hired a computer security company to look into the matter.
The company has already erased the malware from its restaurants’ systems.
The malware enabled hackers to attain credit card information as it was swiped. It’s the same kind of point-of-sale attack seen at Home Depot and Target.
Krebs said the first reports were from the credit union service group with the attack happening from Oct. 25, 2016 to January 19, 2017.
This means problems from non-credit-union debit and credit cards are not being reported and that more will be in the future.
Point-of-sale systems are connected to the computer network of the restaurant, and if the malware is in that system, it can get into the point-of-sale systems. The most common way malware makes its way into this system is through phishing email.
Arby’s is reminding customers to watch their statements for unauthorized activity vigilantly. If they don’t recognize any charges, they should inform their bank right away.