You may have heard about the recent security breach that impacted fast food giant, Arby’s. The hackers were able to gain access to Arby’s systems and obtain an estimated 350,000 credit card numbers from customers who visited the restaurant chain from October 2016 to January 2017. Last year, Wendy’s, another major fast food chain, was hit with a breach along with CiCi’s Pizza and Noodles and Company. From 2014 to 2015 over 500 of Landry’s Restaurants were hacked. Other security breaches that took place in 2014, include Chick-Fil-A and P.F. Chang’s. All of these hacks have one thing in common, and it is quite obvious — they’re each a restaurant.
Restaurants Continue To Be Targeted
So, what is making the fast food industry a primary target for hackers? According to PC Matic’s Vice President of Cyber Security, Dodi Glenn, there is a specific reason these companies are being sought out,
“Hackers rely on poorly secured systems. Once they get access into the company’s network, they pivot the attack and go after the point-of-sale (POS) systems. POS machines are often using older versions of Windows, like XP and Windows 7, and aren’t always updated with the latest security software. Therefore, they are easily breached. Also, many restaurants use the same software, so once hackers find a vulnerability it can be applied to different restaurants. Lastly, POS systems simply process transactions, and aren’t being used like a regular desktop computer. Therefore, things that would trigger the user to believe they have been hacked do not exist; for instance, no ransomware messages, slowness of the system, etc.”
Taking that into consideration, along with the magnitude of transactions that occur within these systems daily, you have the hacker’s dream. Think of a vault with hundreds of thousands of dollars in it, and the password is “password”. I’m not saying you would steal it, but someone with compromised morals, such as a hacker, would. It is the company’s job to make this as difficult as possible. Unfortunately, with the use of outdated POS systems, companies are leaving the doors wide open for information to be breached.
Arby’s was not the first fast food chain to be breached, nor will they be the last. However, it is time for the industry to recognize the breach trends and start being proactive to secure their customer’s data. In the meantime, Glenn suggests you do the following,
“It is important you keep a close eye on your bank and credit card statements to verify all transactions. If you notice any suspicious or unauthorized transactions, it is imperative you notify your banking institution immediately.”