The legacy financial system strikes again, this time the victim is a 70-year-old restaurant chain called Shoney’s. Apparently, the franchise was hacked, leading to customer financial information being breached.
Shoney’s Hacked, Credit Card Info Stolen
According to a KrebsonSecurity report, several sources in the financial industry confirmed they have received confidential alerts from credit card associations about potential breaches at multiple restaurant locations. However, it remains unclear if the problem is just isolated to those particular locations or whether it extends throughout the entire Shoney’s franchise.
These same sources that confirmed receiving these alerts also say they think the breaches occurred between December 2016 and early March 2017. It’s also unclear whether the apparent breach affects corporate-owned or franchised stores — or both
The vast majority of the breaches involving restaurant and hospitality chains over the past few years have been tied to point-of-sale devices, the report added. In these cases, they were remotely hacked and seeded with malicious software that stole credit card info through the point-of-sale devices. Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register.
KrebsonSecurity requested comments from Shoney’s about the breaches multiple times. However, they did not respond.
Security Failings Continue to Put Consumer Financial Information at Risk
This credit card breach continues a recent and unfortunate pattern of security failings among businesses and government agencies that are threatening people’s finances. Within the last week, multiple different institutions have discovered breaches (or potential breaches) of their systems.
From video game retailer GameStop to the federal government’s student financial aid program FASFA, security breaches have been in the news a lot lately.
Gamestop acknowledged a possible breach last week when they began investigating reports of hackers stealing their customer’s credit card information from their main website, Gamestop.com. Additionally, the IRS announced that FASFA has been breached April 6 through a tool it provides to applicants to make it easier for students to fill out FAFSA forms.
Interestingly, while the federal government has been one of the victims in the past week, it has also been one of the perpetrators. The same week FASFA was breached, Wikileaks released info that revealed that the NSA had hacked the interbank messaging system, SWIFT.
According to Reuters, National Security Agency (NSA) accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.
In any case, these incidences seem to indicate a larger failing — that is, people trusting or relying on centralized institutions to keep financial information safe. Centralized networks, in general, seem to be doing an inadequate job of keeping people’s money secure.
What do you think of Shoney’s apparent credit card breach and the recent spate of breaches among businesses and government agencies? Let’s hear your thoughts.
Images courtesy of Shoney’s and the NSA