The Huddle House restaurant chain reported it has closed a point-of-sale data breach that existed one of its third-party vendors from August 2017 until now.
The malware resided on a third-party system and exposed payment card information at some of the chain’s corporate and franchised locations. The company became aware of the situation when it was informed by law enforcement and its credit card processor that some of the locations were infected with malware. The information possibly involved includes cardholder name, credit/debit card number, expiration date, cardholder verification value, and service code.
“Criminals compromised a third-party point of sale (POS) vendor’s data system and utilized the vendor’s assistance tools to gain remote access—and the ability to deploy malware—to some Huddle House corporate and franchisee POS systems,” the company said in a statement.
Please register to continue.
Already registered? Log in.
Once you register, you’ll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.