2 min read

139 US bars, restaurants and coffeeshops infected by credit-card stealing malware

Graham CLULEY

February 21, 2019

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
139 US bars, restaurants and coffeeshops infected by credit-card stealing malware

North Country Business Products (NCBP), a provider of point-of-sales systems, has revealed that 139 of their clients have been hit by a malware infection that stole the payment card details of consumers.

Retailers at dozens of locations across the United States which used NCBP’s hardware and software to process payments may have been affected by the attack which is thought to have started on January 3 2019, and continued until January 24th.

Affected outlets include – amongst others – branches of Dunn Brothers Coffee, Someburros, Holiday Inn, and Zipps Sports Grill. Details potentially stolen by the unnamed malware include cardholder’s name, credit card number, expiration date, and CVV security code.

THere’s nothing really that consumers can do to avoid being hit by malware that has hit Point-of-Sales devices other than pay in cash.

Visitors to NBCP’s website are currently being greeted by a link to a stark announcement about the data breach.

The problem is, you’ve probably never heard of NCBP. It’s extremely unlikely that you know whether a restaurant, coffee shop or bar that you visited relied upon NCBP’s point-of-sales technology or not.

And the problem for NCBP is that although it can reach out to the 139 restaurants that it believes may have had their point-of-sales systems compromised, it has no way of contacting the actual customers who made purchases with the debit and credit cards.

After all, when you buy a coffee it’s normal to make a payment with your card. It’s not likely that you were asked for your address.

It seems to me that there are only two ways you’re likely to find out that you discover you have been impacted by the North Country Business Products security breach.

You’ll either notice (or have your bank notice) some suspicious purchases on your credit or debit card, or you’ll have visited the NCBP’s website and checked the long list of known establishments and locations included in the breach.

And just how likely is it that people will even hear about this breach, let alone go to check if they have purchased something from one of the affected restaurants?

If you do believe that you might have had your payment card details compromised, you may choose to place a security freeze on your credit file, stopping anyone else from accessing your financial details.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chinese criminals scam kids desperate to play games for more than three hours a week Chinese criminals scam kids desperate to play games for more than three hours a week
Graham CLULEY

August 12, 2022

2 min read
Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach
Silviu STAHIE

August 09, 2022

1 min read
Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read