Newsroom
July 20, 2016
Cicis data breach hit 135 locations
KrebsOnSecurity reported Wednesday that the Cicis Pizza data breach reported last month affected credit cards used in more than 135 of the restaurant's locations.
Krebs first reported the breach in June. Cicis is a Texas-based restaurant chain with more than 500 locations in 35 states.
Cicis now says that the company received reports of problems with the point-of-sale systems in March, after which they found malware on some of the systems and hired a cybersecurity firm to investigate.
Krebs said in June that it appeared hackers stole credit card data from certain restaurants "by posing as technical support specialists for the company's point-of-sale provider." Krebs noted that more than six financial institutions had contacted the blog with concerns about Cicis after detecting a pattern of fraud on cards that had been used there during the last few months.
Earlier this month, Wendy's admitted the list of locations affected by its breach topped 1,000.
NAFCU continues to push for a strong national data security standard for retailers through the "Data Security Act" (H.R. 2205/S. 961), which would hold retailers to the same standards credit unions already follow under the Gramm-Leach-Bliley Act and institute consumer notification requirements.
Krebs first reported the breach in June. Cicis is a Texas-based restaurant chain with more than 500 locations in 35 states.
Cicis now says that the company received reports of problems with the point-of-sale systems in March, after which they found malware on some of the systems and hired a cybersecurity firm to investigate.
Krebs said in June that it appeared hackers stole credit card data from certain restaurants "by posing as technical support specialists for the company's point-of-sale provider." Krebs noted that more than six financial institutions had contacted the blog with concerns about Cicis after detecting a pattern of fraud on cards that had been used there during the last few months.
Earlier this month, Wendy's admitted the list of locations affected by its breach topped 1,000.
NAFCU continues to push for a strong national data security standard for retailers through the "Data Security Act" (H.R. 2205/S. 961), which would hold retailers to the same standards credit unions already follow under the Gramm-Leach-Bliley Act and institute consumer notification requirements.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.