POS Malware Breach at Sonic Drive-In

Delaware, USA – October 11, 2017 – Sonic Drive-In, a fast food restaurant chain in the United States, was attacked by cybercriminals that used POS terminals malware for stealing data on visitors’ payment cards. The restaurant chain has more than 3,500 locations in 45 states. Data breach affected approximately 5 million payment cards. On September 26, journalist Bryan Kerbs found a database that had been available for purchase on the underground store Jocker’s Stash. When he gathered enough information about this database, he called the Sonic company and informed them of his findings. The management engaged IBM division to the investigation, who discovered that the restaurant chain visitors’ banking cards database had been on sale since September 15. Stolen data can be used for online purchases or cloning of bank cards. The Sonic company on October 5 confirmed this data leakage.

The data theft from POS terminals is not uncommon and a severe threat. Such leaks are always accompanied by suspicious activity that your SIEM is capable of detecting and recognizing with the necessary analytical data. ArcSight, QRadar or Splunk administrators can find up-to-date and verified SIEM content in Use Case Cloud. Be prepared for the new threats that are continually emerging in today’s changeable cyberspace.