Newsroom

March 17, 2017

Google message points to POS hack at Select Restaurants

The message "This site may be hacked" accompanies a Google search return for Select Restaurants Inc. Cybersecurity blogger Brian Krebs writes that upon further investigation, it looks like several restaurants owned by the firm were affected by a point-of-sale breach in recent months.

Krebs writes that he heard from "multiple" financial institutions whose anti-fraud teams were trying to find out the source of a large amount of fraud involving credit cards used at high-end restaurants around the country. He found that the breach at these locations seemed to have been the result of an intrusion at Select Restaurants' POS vendor, 24x7 Hospitality Technology, which has notified its customers that the breach lasted from last October to mid-January.

He also discusses the pattern of such breaches and says it seems particularly common at smaller merchants, with the fact of the breach being discovered only after several financial institutions – banks and credit unions – have discussed their suspicions and figured out what occurred.

NAFCU is continuing to urge Congress to pass a strong national data security standard for retailers that would hold them to the same standards credit unions follow under the Gramm-Leach-Bliley Act.