Newsroom
June 06, 2016
Krebs: CiCi's Pizza hit by data breach
KrebsOnSecurity reports that CiCi's Pizza, a Texas-based restaurant chain with more than 500 locations in 35 states, has been hit by a credit card data breach.
Krebs said it appears hackers stole credit card data from certain restaurants "by posing as technical support specialists for the company's point-of-sale provider." Krebs noted that more than six financial institutions had contacted the blog with concerns about CiCi's after detecting a pattern of fraud on cards that had been used there during the last few months.
CiCi's told Krebs that an outside public relations firm is handling "the issue."
Krebs also followed up a tip that the breach could have been connected to CiCi's POS provider Datapoint, which denied the connection and said that hackers had posed as specialists from multiple POS providers.
NAFCU continues to push for a strong national data security standard for retailers through the "Data Security Act" (H.R. 2205/S. 961), which would hold retailers to the same standards credit unions already follow under the Gramm-Leach-Bliley Act and institute consumer notification requirements.
Krebs said it appears hackers stole credit card data from certain restaurants "by posing as technical support specialists for the company's point-of-sale provider." Krebs noted that more than six financial institutions had contacted the blog with concerns about CiCi's after detecting a pattern of fraud on cards that had been used there during the last few months.
CiCi's told Krebs that an outside public relations firm is handling "the issue."
Krebs also followed up a tip that the breach could have been connected to CiCi's POS provider Datapoint, which denied the connection and said that hackers had posed as specialists from multiple POS providers.
NAFCU continues to push for a strong national data security standard for retailers through the "Data Security Act" (H.R. 2205/S. 961), which would hold retailers to the same standards credit unions already follow under the Gramm-Leach-Bliley Act and institute consumer notification requirements.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.