Delaware, USA – January 3, 2020 – The popular US restaurant chain Landry’s is notifying its customers of credit card stealing malware discovered in the company’s network. Landry’s suffered a similar incident a few years ago, after which the company implemented a payment processing solution that uses end-to-end encryption technology. That solution significantly reduced the scale of the recent data leakage. The malware was detected in mid-October, and the investigation revealed that most systems were infected on March 18, and only a small number of machines in January 2019. Fortunately, the end-to-end encryption system successfully protected sensitive data when cards were used on secured point-of-sale terminals. However, the restaurant chain also uses order-entry systems with attached card readers that do not use encryption; waitstaff use them to enter kitchen and bar orders and to swipe Landry’s Select Club reward cards. These systems could be mistakenly used to process payment card data, in which case the POS malware would have been able to steal payment information and send it to the attackers.
Landry’s discovered the POS malware on the networks of 63 bar and restaurant brands. A full list of the restaurants and food and beverage outlets involved is available here: https://www.landrysinc.com/PotentiallyInvolvedConcepts/
It is worth recalling that this summer FIN8 returned after a two-year absence, penetrating victims’ networks and installing POS malware on key systems. You can enhance the security of your organization with the APT Framework rule pack, which adds sophistication to your existing tools by leveraging the Lockheed Martin Cyber Kill Chain to connect the dots between low-level SIEM incidents and link them to high-confidence compromises: https://my.socprime.com/en/integrations/apt-framework