San Francisco Bistro Burger Compromised for over Two Months
Softpedia.com reported on 10th March, 2015 stating that hackers compromised the payment processing systems at an outlet of Bistro Burger located at San Francisco and might have collected card information for a period of two months before the breach was discovered and controlled.
Malware remained hidden from 2nd October to 4th December, 2014 in the computer systems used for handling card transactions.
Owners of business informed customers about this incident through different media outlets on Monday, 9th March, 2015 but it is not clear why the owners took so much time to disclose it.
The information might have exposed name, account number of payment card, expiry date of the card and security code which is normally last three digits printed on the back of the card (CVV).
The breach was controlled by replacing the hard drives on the machines infected by the malicious software and reconfiguring the point-of-sale (PoS) systems. Firewall protection was also added to the computers.
Databreaches.net published news on 10th March, 2015 quoting a notice by Bistro Burger expressing regret as “We want to inform our customers about steps they can take to protect themselves from identity theft and fraud. In this regard, we recommend that customers should review their debit and credit card statements immediately to find out any discrepancies or unusual activity there and they should continuously monitor the same for any suspicious activity in future. If they see any activity which they do not understand or which looks suspicious or find any fraudulent transactions, they should immediately inform the bank which issued their debit or credit card.”
The notice also says that if you have already been affected by this incident and have some more questions to ask, then you may call 415-533-1115 between 9 A.M. and 5 P.M. (Pacific Time) from Monday to Friday.
Moreover, Bistro Burger is not the only restaurant or hotel which has been attacked by cybercriminals in recent months because during the first week of January 2015, Presidian Hotels & Resorts, Texas (US) also had confirmed about a suspected breach of its point-of-sale (POS) system which happened between 26th July and 2nd September, 2014.