As Robert McMillan of IDG News Service kindly pointed out, this site initially reported the lawsuit against Radiant Systems and its distributor, Computer World Inc., over a week ago. If you’re new to this site, you can find that story here. In a subsequent post, I mentioned some other restaurants that had been hacked while using the Aloha POS and pointed out that it seems that Visa and the Secret Service knew about a connection to Aloha by August 2008 but that many restauranteurs using the system did not seem to know. One “smoking gun” in the lawsuit against Radiant and its distributor may be a letter that Visa allegedly sent to Radiant Systems in 2007 about the system and PCI-DSS compliance. Plaintiffs in one of two class-action lawsuits say that they had no knowledge in 2007 or prior to being hacked in 2008 that Visa had any concerns about Aloha POS and believed that they were using a compliant system.
So what happened to that letter and was a specific Aloha-related alert ever sent to acquirers and on to merchants? If and when I can find out more, I’ll post it.
While you’re on the site, feel free to look around. You may be surprised at the number of breaches reported here on a daily basis that you may not be learning about on other sites. For example, do you know which country recently had a breach that resulted in the birth certificates for everyone in the country being stolen? You can read it here.