POS Malware target over 160 Applebee’s restaurants in the US

According to an announcement made by RMH Franchise Holdings on its website on Friday, Applebee’s owned and operated restaurant chains seem to be victims of data breaches.

RMH revealed that the incident was discovered on February 13. After learning of potential incidents, RMH immediately launched an investigation and obtained the help of a cybersecurity forensics company.

According to the analysis of security experts, the point-of-sale (POS) system of Applebee Restaurant, which is partially owned and operated by RMH, was installed by anonymous hackers with malicious software designed to steal consumer payment card information. This means that the consumer’s name, payment card number, and card verification code processed within a limited time may be compromised.

RMH emphasizes that the POS system of Applebee, which they own and operate, is completely isolated from the network of other Applebee restaurants. Therefore, their announcements only apply to consumers of Applebee restaurants owned by RMH.

According to the announcement, the incident affected Alabama, Arizona, Florida, Illinois, Indiana, Kansas, Kentucky, Missouri, Mississippi, Nebraska, Ohio, Pennsylvania. There are more than 160 Applebee restaurants in Texas, Wyoming, which represent almost all restaurants owned and operated by RMH.

The time of the incident varies depending on where the restaurant is located. In most cases, the malware appears between December 6, 2017, and January 2, 2018. However, for a few restaurants, malware has been active since November 23, 2017, or December 5, 2017.

RMH stated that they had taken measures immediately after the discovery of the incident to ensure that the impact continued to deteriorate. In addition to employing third-party cybersecurity experts to assist in investigations, they also notified the relevant law enforcement authorities about the incident and will continue to investigate and cooperate.

Currently, RMH is liaising with consumers who may be affected by the incident one by one to let them know about the incident and remind them of what they can do to protect themselves.

Source: infosecurity-magazine

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy